Ad End 1 August 2026
Ad End 4 july 2026
ad End 17 June 2026
ad End 25 July 2026
banner Expire 27 September 2026
adv exp at 20 April 2026
banner Expire 25 July 2025
Ads end 31 October 2026
What's new
Ad expires at 9 July 2026
Ads end 31 October 2026
Wizard's shop 2.0
RonalClub cc shop
Patrick Stash
Luki Crown
best shop
best shop

File_closed07

TRUSTED VERIFIED SELLER
Staff member
Joined
Jun 13, 2020
Messages
8,081
Reaction score
1,053
Points
212
Awards
2
  • trusted user
  • Rich User
Malicious Python packages stole Discord tokens and credit card details

Two packages allowed a remote attacker to run malicious commands on the victim's device.


Operators of the official repository of Python Package Index (PyPI) components have removed eight libraries (pytagora, pytagora2, noblesse, genesisbot, are, suffer, noblesse2 and noblessev2) containing malicious code.

The malicious packages were detected by the JFrog cybersecurity team and were grouped into two categories based on their malicious operations. Two packages (pytagora and pytagora2) allowed a remote attacker to run malicious commands on the victim's device, forcing the infected system to connect to the attacker's IP address via TCP port 9009 and then execute any malicious Python code.

The other six packages (noblesse, genesisbot, are, suffer, noblesse2, and noblessev2) worked primarily to steal data. Once installed on a computer, they stole data, focusing on general system information, Discord tokens and user payment card information (stolen from installed browsers Google Chrome, Opera, Brave, etc.).

These eight libraries have been downloaded more than 30,000 times before being removed from the PyPI repository.
 
Ad End 1 November 2024
Top