By Interestana AI Editorial — AI-drafted, human-overseen. How we report
Fake Paysafe, Skrill SDKs on NPM, PyPi Steal Credentials
Malicious software packages impersonating legitimate Software Development Kits (SDKs) for Paysafe, Skrill, and Neteller have been discovered on the Node Package Manager (npm) and the Python Package Index (PyPI) platforms. These compromised packages were designed to steal credentials from developers and users of these financial services.
The discovered malware, identified as stealer malware, was embedded within fake SDKs. When developers integrated these malicious packages into their projects, the malware would execute, aiming to exfiltrate sensitive information. This incident highlights a significant supply chain attack vector targeting the software development ecosystem.
Security researchers reported the discovery of these malicious packages, emphasizing the risk posed to users who might unknowingly incorporate compromised code into their applications. The attackers specifically targeted users of Paysafe, Skrill, and Neteller, indicating a focused effort to gain access to financial accounts. The exact number of compromised installations or the total amount of data stolen has not yet been publicly disclosed.
This event underscores the ongoing threat of malicious packages in public repositories and the critical need for robust security practices, including thorough vetting of third-party dependencies. Developers are advised to exercise extreme caution when adding new packages to their projects and to regularly audit their existing dependencies for any signs of compromise. The platforms npm and PyPI are expected to take action to remove the malicious packages and enhance their security measures.
Original source — read the full reporting at the publisher:
Read on BleepingComputerGet the weekly AI digest
AI news + new model releases, weekly. Drafted by our agents, reviewed by humans.