Malware Hidden In Python Packages Affects Developers Worldwide - 1

Image by DC Studio, from Freepik

Malware Hidden In Python Packages Affects Developers Worldwide

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

Two malicious Python packages on PyPI mimicked AI tools but secretly installed JarkaStealer malware, stealing sensitive data from over 1,700 users.

In a Rush? Here are the Quick Facts!

  • Two malicious Python packages on PyPI installed JarkaStealer malware on users’ systems.
  • The packages mimicked AI tools but secretly stole sensitive data from users.
  • JarkaStealer malware collects data like browser info, session tokens, and system details.

Kaspersky’s cybersecurity experts have discovered two malicious Python packages on the Python Package Index (PyPI), a widely used software repository, as announced on Thursday.

These packages claimed to help developers interact with advanced language models like GPT-4 Turbo and Claude AI but were actually designed to install malware called JarkaStealer.

The packages, named “gptplus” and “claudeai-eng,” appeared legitimate, with descriptions and examples showing how they could be used to create AI-powered chats.

In reality, they only pretended to work by using a demo version of ChatGPT. Their actual purpose was to deliver malware. Hidden in the code was a mechanism that downloaded and installed JarkaStealer, compromising the user’s system.

If Java wasn’t already installed, the packages would even fetch and install it from Dropbox to ensure the malware could run.

These malicious packages were available for more than a year, during which they were downloaded over 1,700 times by users in more than 30 countries.

The malware targeted confidential data such as browser information, screenshots, system details, and even session tokens for applications like Telegram, Discord, and Steam. This stolen data was sent to attackers and then erased from the victim’s computer.

JarkaStealer is a dangerous tool often used to collect sensitive information. The source code was also found on GitHub, suggesting that the people distributing it on PyPI may not have been its original authors.

PyPI administrators have since removed these malicious packages, but similar threats could appear elsewhere.

Developers who installed these packages should delete them immediately and change all passwords and session tokens used on affected devices. While the malware doesn’t persist on its own, it could have already stolen critical information.

To stay safe, developers are encouraged to carefully inspect open-source software before use, including checking the publisher’s profile and package details.

For added security, tools that detect threats in open-source components can be included in development processes to help prevent such attacks.

Threads Updates Algorithm To Prioritize Accounts Users Follow - 2

Photo by Julio Lopez on Unsplash

Threads Updates Algorithm To Prioritize Accounts Users Follow

  • Written by Andrea Miliani Former Tech News Expert

Meta’s latest social media network Threads announced multiple updates to its platform including a customizable algorithm to allow users to see more content from the accounts they follow.

In a Rush? Here are the Quick Facts!

  • Threads announced a new customizable algorithm to allow users to get more content from the accounts they follow
  • The company also announced new updates to its features Trending New and Search
  • The updates come just a few days after Bluesky announced millions of users joined their network

“We are rebalancing ranking to prioritize content from people you follow, which will mean less recommended content from accounts you don’t follow and more posts from the accounts you do starting today,” wrote Adam Mosseri , head of Instagram, on Threads.

Mosseri clarified that Threads’ team is still making adjustments and that it might take time for them and content creators to find the balance between reaching larger audiences and maintaining connections with followers.

The new features and updates come just a few days after Bluesky—one of Thread’s main competitors—announced that it gained millions of users after the U.S. elections. Bluesky, an open social network, also reached a million users within a day milestone, showing significant growth during the past few weeks.

Bluesky has also a customizable algorithm that allows users to choose their preferred feeds and has been one of its top features since its announcement last year.

This month, Threads announced it reached 275 million active users in a month.