Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials
Overview
Recently, malicious packages were discovered on the Node Package Manager (npm) and the Python Package Index (PyPI) that specifically targeted users of Paysafe, Skrill, and Neteller payment applications. These packages delivered stealer malware, which is designed to capture sensitive credentials from users. Developers and other users who unwittingly downloaded these harmful packages are at risk of having their account information compromised. This incident raises significant concerns about the security of popular software repositories and highlights the need for vigilance among developers when sourcing packages. Users of these payment platforms should immediately review their account security and monitor for any unauthorized access.
Key Takeaways
- Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
- Affected Systems: Paysafe, Skrill, Neteller applications
- Action Required: Users should review their account security and monitor for unauthorized access.
- Timeline: Newly disclosed
Original Article Summary
Malicious packages on the Node Package Manager (npm) and the Python Package Index (PyPI) delivered stealer malware to developers and users of Paysafe, Skrill, and Neteller payment applications. [...]
Impact
Paysafe, Skrill, Neteller applications
Exploitation Status
This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.
Timeline
Newly disclosed
Remediation
Users should review their account security and monitor for unauthorized access. Developers should avoid using unverified packages and ensure they are sourcing software from trusted repositories.
Additional Information
This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.
Related Topics: This incident relates to Malware.