"Telegram, AWS Users Targeted by Hidden Malware Code"
According to researchers at the cybersecurity company Checkmarx, Telegram, AWS, and Alibaba Cloud users are the target of a new malware campaign that hides malicious code within specific software functions to make it more difficult to detect. In September, Checkmarx discovered the campaign, which has been attributed to a threat actor dubbed "kohlersbtuh15." The malicious actor used the Python programming software repository Python Package Index (PyPI), launching attacks involving typosquatting and starjacking techniques. Typosquatting attempts to deceive a target into clicking on a link, mimicking a legitimate domain name to hide an attack, whereas the starjacking tactic involves linking a malicious package to an unrelated benign one. This article continues to discuss findings regarding the malware campaign that buries malicious code within specific software functions.
Cybernews reports "Telegram, AWS Users Targeted by Hidden Malware Code"
Submitted by grigby1