top of page
Search
Writer's pictureStormsec

PyPI Phishing Campaign | JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks

JuiceLedger operators have actively targeted PyPi package contributors in a phishing campaign, successfully poisoning at least two legitimate packages with malware. Several hundred more malicious packages are known to have been typosquatted.




ADVERSARY: Juiceledger


MALWARE FAMILY: Juicestealer


ATT&CK IDS: T1547 - Boot or Logon Autostart Execution, T1176 - Browser Extensions, T1566 - Phishing, T1553 - Subvert Trust Controls, T1036 - Masquerading, T1496 - Resource Hijacking, T1195 - Supply Chain Compromise, T1023 - Shortcut Modification


Read More:


6 views

留言


留言功能已關閉。
bottom of page