Malicious 'requests-darwin-lite' Package Targets Mac Users, UK Banks Hit by Data Breach
May 13, 2024Cybersecurity researchers discovered a deceptive Python package named 'requests-darwin-lite' on PyPI that camouflages a Sliver C2 framework inside a logo image to target macOS systems.
The malicious package employs steganography to execute commands on macOS after installation, revealing the sophistication of current cyber attacks.
With 417 downloads before removal, 'requests-darwin-lite' demonstrates how open-source repositories can be exploited to distribute malware.
The incident with 'requests-darwin-lite' coincides with IntelBroker's report of sensitive data breaches at Barclays and HSBC, attributed to a third-party contractor cyber attack.
These events underscore the critical need for enhanced security measures in open-source software distribution and third-party vendor management to protect against cyber threats.
Summary based on 3 sources
Get a daily email with more Tech stories
Sources
BleepingComputer • May 13, 2024
PyPi package backdoors Macs using the Sliver pen-testing suiteThe Hacker News • May 13, 2024
Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library LogoSC Media • May 13, 2024
Malicious PyPI ‘requests’ fork hides backdoor in PNG file