Dual Pronged Attack – Fake Apps and Supply Chain Attacks

SentinelLabs, in collaboration with Checkmarx, has been tracking the activity and evolution of a threat actor dubbed “JuiceLedger”. In early 2022, JuiceLedger began running relatively low-key campaigns, spreading fraudulent Python installer applications with ‘JuiceStealer’, a .NET application designed to steal sensitive data from victims’ browsers. In August 2022, the threat actor engaged in poisoning open-source packages as a way to target a wider audience with the infostealer through a supply chain attack, raising the threat level posed by this group considerably.

JuiceLedger operators have actively targeted PyPI package contributors in a phishing campaign, successfully poisoning at least two legitimate packages with malware. Several hundred more malicious packages are known to have been typosquatted.

In this post, we detail the evolution of JuiceLedger, describe the group’s attack vectors and activity, and provide an analysis of the JuiceStealer payload.

- JuiceLedger is a relatively new threat actor focused on infostealing through a.
- JuiceLedger has rapidly evolved its attack chain from fraudulent applications to supply chain attacks in little over 6 months.
- In August, JuiceLedger conducted a phishing campaign against PyPI contributors and successfully compromised a number of legitimate packages.
- Hundreds of typosquatting packages delivering JuiceStealer malware have been identified.
- At least two packages with combined downloads of almost 700,000 were compromised.
- PyPI says that known malicious packages and typosquats have now been removed or taken down.