Lucene search

K

GoogleOSV:MAL-2023-1839

HistoryFeb 09, 2023 - 6:42 p.m.

Malicious code in freqtrad (PyPI)

2023-02-0918:42:10

Google

osv.dev

4

attacker

malicious code

pypi

browsers

clipboard manipulation

crypto wallet addresses

AI Score

6.9

Confidence

Low

-= Per source details. Do not edit below this line.=-

Source: checkmarx (65d03e6c11afad0b2b5be1d39ebc7b60eb081c26581f1ad1fc547cb999d6e051)

Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet addresses

References

medium.com/checkmarx-security/17-malicious-python-packages-targeting-selenium-users-to-steal-crypto-8d24628ec656

AI Score

6.9

Confidence

Low