Malicious PyPI Package Targets Apple macOS: 59 Downloads, Google Cloud Credentials at Risk!

“Cybersecurity researchers found a malicious PyPI package targeting macOS to steal Google Cloud credentials. Named ‘lr-utils-lib,’ it was downloaded 59 times before being removed. The malware verifies the macOS system and checks its UUID against a list of hashes before stealing data. This highlights the lengths threat actors go to target specific machines.”

3P
Published: July 27, 2024 5:56 amAdded: July 26, 2024 at 11:31 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

So, the cyber baddies are targeting macOS users through a Python package, huh? Looks like even your ‘friendly’ code library could be planning a heist. Looks like it’s time to start treating code repositories like dodgy Craigslist listings!

Key Points:

  • Malicious Python package “lr-utils-lib” found on PyPI targeting macOS users.
  • Package aimed to steal Google Cloud credentials using predefined hashes.
  • 59 downloads before takedown; uploaded in June 2024.
  • Checkmarx uncovered a fake LinkedIn profile linked to the malware author.
  • Part of an ongoing trend of targeted supply chain attacks on macOS.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?