top of page

PyPI Phishing Campaign | JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks

JuiceLedger operators have actively targeted PyPi package contributors in a phishing campaign, successfully poisoning at least two legitimate packages with malware. Several hundred more malicious packages are known to have been typosquatted.

ADVERSARY: Juiceledger

MALWARE FAMILY: Juicestealer

ATT&CK IDS: T1547 - Boot or Logon Autostart Execution, T1176 - Browser Extensions, T1566 - Phishing, T1553 - Subvert Trust Controls, T1036 - Masquerading, T1496 - Resource Hijacking, T1195 - Supply Chain Compromise, T1023 - Shortcut Modification

Read More:



Os comentários foram desativados.
bottom of page