WASP malware stings Python developers

Malware dubbed WASP is using steganography and polymorphism to evade detection, with its malicious Python packages designed to steal credentials, personal information, and cryptocurrency. Researchers from Phylum and Check Point earlier this month reported seeing new malicious packages on PyPI, a package index for Python …

  1. Anonymous Coward

    Double check your spelling

    It looks like the infected packages depend on sloppy typing by developers who wind up importing a package named using a slight misspelling to get the WASP malware onto the developer's system. For example: 'coloroma' or 'coloruma' vs. 'colorama', etc.

    1. Mike Lewis

      Re: Double check your spelling

      I can see someone typing in "colourama".

      1. Mike007 Bronze badge

        Re: Double check your spelling

        Presumably that is the correct package name...
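A defender's check in the spirit of the first comment above, added here as an example and not taken from the article or any of the comments: it flags requirement names that sit one edit away from a project's own allow-list of trusted packages. The allow-list (`TRUSTED`) and the requirements text (`SAMPLE_REQUIREMENTS`) are constructed for the demonstration.

```python
import re

# Constructed allow-list: the packages this project is known to depend on.
TRUSTED = {"colorama", "requests", "numpy", "fastapi", "starlette"}

# Constructed requirements text: two near-miss spellings from the thread
# above, plus legitimate pins that must not be flagged.
SAMPLE_REQUIREMENTS = """\
coloroma==0.4.6
colourama
requests>=2.28
numpy==1.24.0
"""

def normalize(name: str) -> str:
    """PEP 503 name normalisation: lowercase, runs of [-_.] become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance via the two-row dynamic-programming table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            # deletion, insertion, substitution (0 cost when chars match)
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def requirement_name(line: str) -> str:
    """Return the bare project name from one requirements.txt line."""
    return re.split(r"[\s\[<>=!~;#]", line.strip(), maxsplit=1)[0]

def find_typosquats(requirements: str, trusted=TRUSTED, max_distance: int = 1):
    """Return (requested, trusted_match) pairs for names that are not on the
    allow-list but lie within max_distance edits of a name that is."""
    hits = []
    normalized_trusted = {normalize(t) for t in trusted}
    for line in requirements.splitlines():
        name = normalize(requirement_name(line))
        if not name or name in normalized_trusted:
            continue
        for good in sorted(normalized_trusted):
            if edit_distance(name, good) <= max_distance:
                hits.append((name, good))
    return hits

if __name__ == "__main__":
    for bad, good in find_typosquats(SAMPLE_REQUIREMENTS):
        print(f"suspicious: {bad!r} is one edit away from trusted {good!r}")
```

Run against a real requirements file, any hit is a prompt to verify the package on PyPI before installing, not proof of malice, since legitimate forks with near-identical names also exist.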

  2. Gene Cash Silver badge

    Or stupid package names

    How many projects fork another project by changing one letter or making a "cute" misspelling of the original name?

    Then there's just out-and-out stupid names like "LillyPad" for Eli Lilly's corporate twitter account

    So this sort of situation is ripe for the plucking.

    1. Tom 38

      Re: Or stupid package names

      My favourite recent example is that a bunch of people disagreed with how FastAPI is developed (it's essentially one developer, who allegedly is not all that keen on collaboration), so set up a similar project from scratch called starlite. Now, starlette is a framework for building ASGI web applications, and it's used in fastapi and used to be used in starlite, hence the name. They recently decided that starlette was too limiting for starlite and have just finished divorcing themselves from it!

      So we now have fastapi which depends on starlette. starlite is like fastapi and doesn't depend on starlette, and starlette and starlite do completely different things!

      1. Giles C Silver badge

        Re: Or stupid package names

        Reading that makes my brain hurt. I am glad I am a network engineer, as I don't have to deal with this sort of stuff…

  3. Sceptic Tank Silver badge

    I suppose this could have happened to anyone, but this is just more reason to completely avoid that train wreck that is the Python programming platform. Executing code from pretty pictures? Using Python in any kind of serious software project is like entering a unicycle in the Dakar rally. I suppose it exists to help the software devs make mistakes faster, and the syntax of the language will assist you in coding hard-to-track errors.

    1. JohnnyRico

      I wonder what your language of choice for your "serious software" is?

      1. Lost Neutrino

        Why do you assume the poster knows anything about programming, let alone having a language of choice?

        The poster's text is self-evident: just some waffle without anything of substance.
