JuiceLedger operators have actively targeted PyPi package contributors in a phishing campaign, successfully poisoning at least two legitimate packages with malware. Several hundred more malicious packages are known to have been typosquatted.
ADVERSARY: Juiceledger
MALWARE FAMILY: Juicestealer
ATT&CK IDS: T1547 - Boot or Logon Autostart Execution, T1176 - Browser Extensions, T1566 - Phishing, T1553 - Subvert Trust Controls, T1036 - Masquerading, T1496 - Resource Hijacking, T1195 - Supply Chain Compromise, T1023 - Shortcut Modification
Read More:
留言