CYBER 101

  • Alerts
  • Blog
  • Cyber Briefing
  • CyberDecoded
  • CyberReview
  • CyberStory
  • CyberTips
  • Domains
  • FAQ
  • Incidents
  • Tutorials

Subscribe to our newsletter

FOLLOW US

No Result
View All Result
  • Login
  • Register
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
  • Jobs
  • Vendors
Get Help
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
No Result
View All Result
  • Jobs
  • Vendors
Get Help
CyberMaterial
Home Alerts

W4SP Stealer Discovered in Multiple PyPI Packages Under Various Names

December 26, 2022
Reading Time: 2 mins read
in Alerts

 

Threat actors have published yet another round of malicious packages to Python Package Index (PyPI) with the goal of delivering information-stealing malware on compromised developer machines.

Interestingly, while the malware goes by a variety of names like ANGEL Stealer, Celestial Stealer, Fade Stealer, Leaf $tealer, PURE Stealer, Satan Stealer, and @skid Stealer, cybersecurity company Phylum found them all to be copies of W4SP Stealer.

W4SP Stealer primarily functions to siphon user data, including credentials, cryptocurrency wallets, Discord tokens, and other files of interest. It’s created and published by an actor who goes by the aliases BillyV3, BillyTheGoat, and billythegoat356.

“For some reason, each deployment appears to have simply tried to do a find/replace of the W4SP references in exchange for some other seemingly arbitrary name,” the researchers said in a report published earlier this week.

The 16 rogue modules are as follows: modulesecurity, informmodule, chazz, randomtime, proxygeneratorbil, easycordey, easycordeyy, tomproxies, sys-ej, py4sync, infosys, sysuptoer, nowsys, upamonkws, captchaboy, and proxybooster.

The campaign distributing W4SP Stealer gained traction around October 2022, although indications are that it may have started as far back as August 25, 2022. Since then, dozens of additional bogus packages containing W4SP Stealer have been published on PyPI by the persistent threat actors.

READ FULL ARTICLE

Tags: @skid StealerAlertsAlerts 2022ANGEL StealerCelestial StealerDecember 2022Fade StealerInfostealersLeaf $tealerMalwarePURE StealerPython Package Index (PyPI)Satan StealerW4SPW4SP Stealer
0
VIEWS
ADVERTISEMENT

Related Posts

Over 1,800 Android phishing forms for sale on cybercrime market

Over 1,800 Android phishing forms for sale on cybercrime market

February 2, 2023
Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers

Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers

February 2, 2023
North Korean Hackers Exploit Unpatched Zimbra Devices in ‘No Pineapple’ Campaign

North Korean Hackers Exploit Unpatched Zimbra Devices in ‘No Pineapple’ Campaign

February 2, 2023
White House Mulls Banning Huawei’s Access to US Technology

White House Mulls Banning Huawei’s Access to US Technology

February 2, 2023

More Articles

Book

Enterprise Information Security Architecture

February 10, 2022
Alerts

Counterfeit Android device models designed to target WhatsApp

August 22, 2022
Alerts

Carrier LenelS2 security advisory

June 2, 2022

The Insight: A Threat Intelligence Podcast

June 30, 2022

Security through data

Cybersecurity Domains

  • API Security
  • Business Continuity
  • Career Development
  • Compliance
  • Cryptography
  • HSM
  • KPIs / KRIs
  • Penetration Testing
  • Shift Left
  • Vulnerability Scan

Emerging Technologies

  • 5G
  • Artificial Intelligence
  • Blockchain
  • Cryptocurrency
  • Deepfake
  • E-Commerce
  • Healthcare
  • IoT
  • Quantum Computing

Frameworks

  • CIS Controls
  • CCPA
  • GDPR
  • NIST
  • 23 NYCRR 500
  • HIPAA

Repository

  • Books
  • Certifications
  • Definitions
  • Documents
  • Entertainment
  • Quotes
  • Reports

Threats

  • APTs
  • DDoS
  • Insider Threat
  • Malware
  • Phishing
  • Ransomware
  • Social Engineering

© 2023 | CyberMaterial | All rights reserved.

World’s #1 Cybersecurity Repository

  • About
  • Legal and Privacy Policy
  • Site Map
No Result
View All Result
  • Audience
    • Cyber Citizens
    • Cyber Professionals
    • Institutions
  • Highlights
    • Blog
    • CyberDecoded
    • Cyber Review
    • CyberStory
    • CyberTips
  • Cyber Risks
    • Alerts
    • Attackers
    • Domains
    • Incidents
    • Threats
  • Opportunities
    • Events
    • Jobs
  • Repository
    • Books
    • Certifications
    • Cheat Sheets
    • Courses
    • Definitions
    • Frameworks
    • Games
    • Hardware Tools
    • Memes
    • Movies
    • Papers
    • Podcasts
    • Quotes
    • Reports
  • Report Cyber Incident
  • GET HELP

Subscribe to our newsletter

© 2022 Cybermaterial - Security Through Data .

Welcome Back!

Sign In with Google
Sign In with Linked In
OR

Forgotten Password? Sign Up

Create New Account!

Sign Up with Google
Sign Up with Linked In
OR

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.