GoDaddy turned offline 15 000 subdomains that were used in spamming campaigns. this campaign, intruders…
The first to notice the problem was a senior software engineer at Sonatype, Adam Boesch, who accidentally noticed a package named after a popular television series (wandavision) in PyPI, which seemed strange to him.
Journalists note that such garbage bags are usually named after the watch-(movie name)-2021-full-online-movie-free-hd pattern, which is well known to visitors to pirated resources.
Some of these packages are already several weeks old, but spammers continue to add new ones to PyPI to this day. The publication was able to detect more than 10,000 such packages, although this estimate may be inaccurate and the actual amount of spam in PyPI is probably slightly lower.
These spoof pages tend to contain a jumble of keywords, as well as links to streaming sites whose legitimacy is highly questionable, such as https://besflix[.]com/movie/XXXXX/profile.html. what a standard spam packet page looks like.
In addition to keywords and links, packages also contain files with functional code and information about its author, which are usually taken from other legitimate PyPI packages.
For example, the watch-army-of-the-dead-2021-full-online-movie-free-hd-quality package contained the author information and code from the real jedi-language-server package. Apparently, this is how cybercriminals mask their spam and try to complicate the detection of such garbage.
Let me remind you that garbage content in PyPI and GitLab was already warned in early 2021. Then the representatives of PyPI told reporters that they knew about the observed wave of spam, and administrators are already working to eliminate it.
Apparently, until the recent time the administration of the repository has succeeded in combating such abuses.
Let me also remind you that we wrote that Python overtook JavaScript in popularity among developers.
Mubasinter.xyz is a domain that tries to trick you into subscribing to its browser notifications…
Garicund.xyz is a domain that tries to force you into subscribing to its browser notifications…
Qehu - General Info Qehu is a destructive software functioning as typical ransomware. Michael Gillespie,…
Qepi Virus - Details Qepi is a destructive software functioning as typical ransomware. Michael Gillespie,…
Wifebaabuy.live is a domain that tries to trick you into clik to its browser notifications…
Relativeads.net is a domain that tries to force you into clik to its browser notifications…