Attackers leverage PyPI to sideload malicious DLLs [Tuesday, February 20, 2024]

Description:
ReversingLabs researchers discovered two malicious Python packages on PyPI that employed DLL sideloading to execute malicious payloads. Further investigation revealed connections to a larger campaign abusing open-source infrastructure.

Published: 2024-02-20 16:07:25
Created: 2024-02-20 16:07:25
Modified: 2024-02-20 16:17:47

Indicators

Malware:
  • Cobalt Strike - S0154
About the author
Julien B.
