Malicious PyPi packages create CloudFlare Tunnels to bypass firewalls

Six malicious packages on PyPI, the Python Package Index, were found installing information-stealing and RAT (remote access trojan) malware while using Cloudflare Tunnel to bypass firewall restrictions for remote access.

The malicious packages attempt to steal sensitive user information stored in browsers, run shell commands, and use keyloggers to steal typed secrets.

The six packages were discovered by the Phylum research team, who closely monitors PyPI for emerging campaigns.

Read more…
Source: Bleeping Computer