BlazeStealer Malware Uncovered in Python Packages on PyPI

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

Python Package Index (PyPI) repository is infiltrated with number of malicious python packages. These packages masquerade as obfuscation tools, however they harbor BlazeStealer malware, which initiates a Discord bot that grants cybercriminals complete access to the victim’s computer. The attack is aimed at the developer community, with the intention of stealing sensitive information and compromising the development ecosystem.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.