"Japan Blames North Korea for PyPI Supply Chain Cyberattack"

According to Japanese cybersecurity officials, the North Korea-affiliated Lazarus Group recently launched a supply chain attack on the PyPI software repository for Python apps. The threat actors uploaded malicious packages named "pycryptoenv" and "pycryptoconf," which are similar to the legitimate "pycrypto" encryption toolkit for Python. Developers who have downloaded the malicious packages onto their Windows machines are infected with a Trojan called "Comebacker." The malicious Python packages had been downloaded between 300 and 1,200 times. Comebacker has been used in other cyberattacks linked to North Korea, including one on a npm software development repository. This article continues to discuss the PyPI supply chain cyberattack.

Dark Reading reports "Japan Blames North Korea for PyPI Supply Chain Cyberattack"

Submitted by grigby1