Malware Package
Package Type
Pypi Package
Name
locute
Identified At
1698728400000
Description
Phylum discovered two packages published to PyPI on October 28 that claim to be libraries for simplifying internationalization. The files were highly obfuscated and upon further inspection were found to contain malicious code designed to steal sensitive Telegram Desktop application data and system information, which it then sends to an
Identified Reports (1)
This malware package was identified on the following reports.
| Report | URL | Published At | Author | Description |
|---|---|---|---|---|
| Obfuscated PyPI Packages Purporting to be i18n Libraries Actually Stealing Telegram Data | https://blog.phylum.io/obfuscated-pypi-packages-purporting-to-be-i18n-libraries-actually-stealing-telegram-data/ | 1698728400000 | Phylum Research Team | Phylum discovered two packages published to PyPI on October 28 that claim to be libraries for simplifying internationalization. The files were highly obfuscated and upon further inspection were found to contain malicious code designed to steal sensitive Telegram Desktop application data and system information, which it then sends to an |
| Report | External URL | Published At | Author | Description |
Related Malware Packages (1)
The following malware packages were identified in the same report as this one.
| Package Type | Name | Attack Strategy | Package Author | Versions |
|---|---|---|---|---|
| Pypi Package | localization-utils |