First Known Phishing Attack Against PyPI Contributor
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Credentials - T1589.001, Malware - T1587.001, Malware - T1588.001, Phishing - T1660, Phishing - T1566, Python - T1059.006
Common Information
Type | Value |
---|---|
UUID | 442f43d0-01d2-4ee0-a07a-19ef1b6f925a |
Fingerprint | 8030085b80567203 |
Analysis status | DONE |
Considered CTI value | 0 |
Text language | |
Published | Sept. 1, 2022, 1:56 p.m. |
Added to db | Jan. 16, 2023, 3:56 p.m. |
Last updated | Sept. 2, 2024, 2:10 a.m. |
Headline | First Known Phishing Attack Against PyPi Users |
Title | First Known Phishing Attack Against PyPI Contributor |
Detected Hints/Tags/Attributes | 24/2/14 |
Attributes
Type | #Events | CTI | Value |
---|---|---|---|
Domain | 5 | | linkedopports.com |
Domain | 4 | | python-release.com |
Domain | 2 | | ledgdown.com |
Domain | 2 | | ledgersetup.zip |
File | 2 | | ledgersetup.zip |
File | 2 | | resp.php |
sha256 | 2 | | 60434af3ebe924efabc96558e6c8d8176bf4eb06dd6cc47b4c491da9964be874 |
sha256 | 2 | | 8e97c6883e7af5cc1f88ac03197d62298906ac4a35a789d94cc9fde45ee7ea13 |
Url | 3 | | https://python-release.com/python-install.scr |
Url | 2 | | https://python-release.com |
Url | 2 | | https://ledgdown.com/ledgersetup.zip |
Url | 2 | | https://ledgdown.com |
Url | 2 | | https://linkedopports.com |
Url | 2 | | https://linkedopports.com/pyp/resp.php?live=installation |