Malware Report
Title
VMConnect: Malicious PyPI packages imitate popular open source modules
Report Author
Karlo Zanki
Description
ReversingLabs threat researchers have identified a new malicious PyPI campaign that includes a suspicious VMConnect package published to the PyPI repo.
Malware Packages (4)
The following malware packages were identified in this report.
| Package Type | Name | Attack Strategy | Package Author | Versions | Description |
|---|---|---|---|---|---|
| Pypi Package | VMConnect | Hushki Manager | 1.1.7 | ReversingLabs threat researchers have identified a new malicious PyPI campaign that includes a suspicious VMConnect package published to the PyPI repo. | |
| Pypi Package | ethter | Hushki Manager | 0.9.1b1, 1.10.1b1 | ReversingLabs threat researchers have identified a new malicious PyPI campaign that includes a suspicious VMConnect package published to the PyPI repo. | |
| Pypi Package | osinfopkg | Hushki Manager | 0.0.2, 0.0.3, 0.0.4, 1.0.1, 1.0.2, 1.0.3, 1.0.4 | ReversingLabs threat researchers have identified a new malicious PyPI campaign that includes a suspicious VMConnect package published to the PyPI repo. | |
| Pypi Package | quantiumbase | Hushki Manager | 0.7.0, 0.8.1 | ReversingLabs threat researchers have identified a new malicious PyPI campaign that includes a suspicious VMConnect package published to the PyPI repo. | |
| Package Type | Name | Attack Strategy | Package Author | Versions | Description |