JuiceLedger Hackers - Culprits Behind the Recent Phishing Attacks Against Python Package Index Users
Reading Time: 2 minutes

Cybersecurities connected JuiceLedger Hackers as culprits behind the recent phishing attacks against Python Package Index (PyPI) users. Python Package Index (PyPI) is an official third-party software repository for the programming language.

Cybersecurity firm SentinelOne,  tracked it as JuiceLedger, a relatively new entity that surfaced in early 2022. The malware can be installed on computers through a rogue application, called JuiceStealer. It reads passwords from the user’s web browser.JuiceLedger Hackers - Culprits Behind the Recent Phishing Attacks Against Python Package Index Users-1Recently, there was a phishing campaign targeting PyPi package contributors, compromising three packages with malware.

The supply chain attack on software distribution site PyPI, which occurred in 2017, may have been the latest escalation of a campaign which first occurred in early 2017. The hope would be that the people targeted are those who use fake cryptocurrency trading apps.JuiceLedger Hackers - Culprits Behind the Recent Phishing Attacks Against Python Package Index Users-2The goal is presumably to make a virus spread more widely through hacked packages, which are

There are growing concerns that open source projects are not safe, and so Google has announced monetary rewards for finding flaws in their public domain projects.JuiceLedger Hackers - Culprits Behind the Recent Phishing Attacks Against Python Package Index Users-3With account takeovers becoming a popular infection vector for attackers, PyPI imposed 2FA requirements on high security projects.

JuiceLedger began to attack software companies from the beginning of this year.

Related Articles:
US Bans Ex-NSA trio who spied on Americans for UAE from arms exports
Microsoft Uncovers Severe ‘One-Click’ Exploit for TikTok Android App
More than 1800 Android and iOS Apps Found Leaking Hard-Coded AWS Credentials