20 May

Malware in Open Source Software

Open Source software is always trustworthy, right? Last year, Bertus broke a story about a malicious Python package called “Colourama”. When used, it secretly installs a VBscript that watches the system clipboard for a Bitcoin address and replaces that address with a hardcoded one. Essentially this plugin attempts to redirects Bitcoin payments to whoever wrote the “colourama” library.

read more

Share this

© 2017 Awontis. All rights reserved.