Malware Package
Package Type
Pypi Package
Name
aws-enumerate-iam
Package Author
weiwang3056
Identified At
1696827600000
Description
Over the weekend, Phylum’s automated risk detection alerted us to a series of publications surrounding packages on PyPI, all purporting to be some kind of cloud provider SDK or helper package. While these packages do, in fact, provide the purported functionality, they also surreptitiously ship the credentials off to
Identified Reports (1)
This malware package was identified on the following reports.
| Report | URL | Published At | Author | Description |
|---|---|---|---|---|
| Cloud Provider Credentials Targeted in New PyPI Malware Campaign | https://blog.phylum.io/cloud-provider-credentials-targeted-in-new-pypi-malware-campaign/ | 1696827600000 | Phylum Research Team | Over the weekend, Phylum’s automated risk detection alerted us to a series of publications surrounding packages on PyPI, all purporting to be some kind of cloud provider SDK or helper package. While these packages do, in fact, provide the purported functionality, they also surreptitiously ship the credentials off to |
| Report | External URL | Published At | Author | Description |
Related Malware Packages (4)
The following malware packages were identified in the same report as this one.
| Package Type | Name | Attack Strategy | Package Author | Versions |
|---|---|---|---|---|
| Pypi Package | alibabacloud-oss2 | coinexchanged | ||
| Pypi Package | python-alibabacloud-sdk-core | coinexchanged | ||
| Pypi Package | python-alibabacloud-tea-openapi | coinexchanged | ||
| Pypi Package | tencent-cloud-python-sdk | hdhaibqbx |