"New KEKW Malware Infects Open-Source Python Wheel Files via a PyPI Distribution"
Malicious open-source Python .whl (Wheel) files were distributing a new malware called KEKW, which can steal sensitive data from infected systems by combining clipper activities with infostealers to take over cryptocurrency transactions. Cyble Research and Intelligence Labs (CRIL) noted that the Python packages under investigation were absent from the actual Python Package Index (PyPI) repository, suggesting that the Python security team removed the malicious packages. CRIL also confirmed with the Python security team that the malicious packages were removed within 48 hours of their upload. Due to the quick removal of the malicious packages, CRIL said it is impossible to determine how many people downloaded them. However, they suspect that the incident's impact was likely minimal. The incident highlights a persistent issue within the open-source community. PyPI has become a popular repository for software packages using Python. As developers use it to share and download Python code, PyPI has become an attractive target for threat actors seeking to attack developers due to its pervasive adoption. This article continues to discuss the new KEKW malware and its distribution via malicious open-source Python .whl files.