This Week in Malware – Fileless Linux Cryptominer, 100 Packages | #linux | #linuxsecurity | #hacking | #aihp

This week in malware we discovered and analyzed nearly 100 packages flagged as malicious, suspicious, or dependency confusion attacks.

Notably, we uncovered a PyPI package that drops fileless Linux malware directly in memory to covertly run a cryptominer. Furthermore, our investigation revealed the threat actor published this malicious package under the stolen identity of a software engineer from a United States National Laboratory.

*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Aaron Linskens. Read the original post at: https://blog.sonatype.com/this-week-in-malware-fileless-linux-cryptominer-100-packages