icon

Digital safety starts here for both commercial and personal Use...

Defend Your Business Against the Latest WNY Cyber Threats We offer Safe, Secure and Affordable Solutions for your Business and Personal Networks and Devices.



WNYCyber is there to help you to choose the best service providers in Western New York... We DO NOT provide the services ourselves, as we are Internet Programmers who have to deak daily with Cyber Threats... (Ugghhh)... So we know what it's like and what it takes to protect OUR and OUR CUSTOMERS DATA... We built this Website to help steer you to those that can give you the best service at realistic and non-inflated prices. We do charge or collect any fees.

Buffalo, New York
United States

Current Threat Data

Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI

Cyber Security Threat Summary:
According to a new report from Checkmarx, throughout 2023 threat actors have been distributing malicious Python packages disguised as legitimate obfuscation tools to execute BlazeStealer malware on targeted systems. Once executed, BlazeStealer will retrieve a malicious script from an external source and run a discord bot designed to enable the threat actor to gain complete control over the victim’s computer and perform the following actions:

  • Exfiltrate detailed host information
  • Steal passwords from the Chrome web browser
  • set up a keylogger
  • Download files from the victim's system
  • Capture screenshots and record both screen and audio
  • Render the computer inoperative by ramping up CPU usage, inserting a batch script in the startup directory to shut down the PC, or forcing a BSOD error with a Python script
  • Encrypt files, potentially for ransom
  • Deactivate Windows Defender and Task Manager
  • Execute any command on the compromised host
Security Officer Comments:
So far researchers have uncovered a total of eight malicious packages which include Pyobftoexe, Pyobfusfile, Pyobfexecute, Pyobfpremium, Pyobflite, Pyobfadvance, Pyobfuse, and pyobfgood, Taking a closer look, all of these package names start with “pyobf” which is set on purpose by the actors to be similar to genuine packages such as “pyobf2” and “pyobfuscator” that are commonly used by developers to obfuscate their Python code.

Suggested Correction(s):
69.2% of total downloads of the malicious packages originated from the United States followed by China (12.4%), Russia (5.5%), Ireland (3.0%), Hong Kong (1.6%), etc. This highlights the need for developers to be more careful when installing packages by verifying their source code and authenticity and using dependency scanning tools to identify outdated or vulnerable packages that might be exploited by threat actors.

Link(s):
https://thehackernews.com/2023/11/beware-developers-blazestealer-malware.html

Contact Us for Threat Assistance
Back to Current Threats