Malicious PyPI Package Targets Apple macOS: 59 Downloads, Google Cloud Credentials at Risk!
“Cybersecurity researchers found a malicious PyPI package targeting macOS to steal Google Cloud credentials. Named ‘lr-utils-lib,’ it was downloaded 59 times before being removed. The malware verifies the macOS system and checks its UUID against a list of hashes before stealing data. This highlights the lengths threat actors go to target specific machines.”

Hot Take:
So, the cyber baddies are targeting macOS users through a Python package, huh? Looks like even your ‘friendly’ code library could be planning a heist. Looks like it’s time to start treating code repositories like dodgy Craigslist listings!
Key Points:
- Malicious Python package “lr-utils-lib” found on PyPI targeting macOS users.
- Package aimed to steal Google Cloud credentials using predefined hashes.
- 59 downloads before takedown; uploaded in June 2024.
- Checkmarx uncovered a fake LinkedIn profile linked to the malware author.
- Part of an ongoing trend of targeted supply chain attacks on macOS.
Already a member? Log in here