Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack
Tags
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Python - T1059.006 |
Common Information
| Type | Value |
|---|---|
| UUID | f51f3182-10b8-436b-b503-eb9575cd7b89 |
| Fingerprint | 210310ba96751e |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 5, 2023, midnight |
| Added to db | Jan. 18, 2023, 8:41 p.m. |
| Last updated | Nov. 17, 2024, 10:43 p.m. |
| Headline | Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack |
| Title | Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack |
| Detected Hints/Tags/Attributes | 26/1/16 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 138 | setup.py |
|
| Details | Domain | 180 | readme.md |
|
| Details | Domain | 1 | wasp.plague.fun |
|
| Details | Domain | 5 | pepy.tech |
|
| Details | File | 127 | setup.py |
|
| Details | File | 61 | __init__.py |
|
| Details | File | 144 | requirements.txt |
|
| Details | File | 1 | wasp.pl |
|
| Details | File | 23 | '.exe |
|
| Details | File | 3 | 'w.exe |
|
| Details | File | 27 | pythonw.exe |
|
| Details | File | 65 | python.exe |
|
| Details | File | 124 | os.sys |
|
| Details | Url | 1 | http://wasp.plague.fun/inject/fu643xzasbmccngn\').read())""")\n_ttmp.close |
|
| Details | Url | 1 | http://wasp.plague.fun/inject/fu643xzasbmccngn\').read |
|
| Details | Url | 1 | http://wasp.plague.fun/inject/fu643xzasbmccngn').read |