Friday, June 13, 2025

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library

Home
Security Creators Network
Webinars
Events
- Upcoming Events
- On-Demand Events
Sponsored Content
Chat
Library
Related Sites
Media Kit
About
Sponsor

Analytics
AppSec
CISO
Cloud
DevOps
GRC
Identity
Incident Response
IoT / ICS
Threats / Breaches
More
Humor

Malware Security Bloggers Network Vulnerabilities

Home » Cybersecurity » Threats & Breaches » Vulnerabilities » Russia-linked ‘Lumma’ crypto stealer now targets Python devs

Russia-linked ‘Lumma’ crypto stealer now targets Python devs

by Ax Sharma on June 3, 2024

Russia-linked 'Lumma' crypto stealer now targets Python devs

Imagine being a developer who’s building the next-gen crypto app by using popular open source components to speed up coding. Instead, you end up including a package in your build that, does accomplish what you are trying to, but additionally steals cryptocurrency on any system that it’s installed on. That’s ‘crytic-compilers’ for you.

Sonatype’s automated malware detection systems identified a ‘crytic-compilers’ PyPI package named very closely after a fairly known legitimate Python library which is used by cryptocurrency developers to facilitate compilation of smart contracts, or digital agreements which are stored on the blockchain network.

Techstrong Gang Youtube

AWS Hub

*** This is a Security Bloggers Network syndicated blog from 2024 Sonatype Blog authored by Ax Sharma. Read the original post at: https://www.sonatype.com/blog/crytic-compilers-typosquats-known-crypto-library-drops-windows-trojan

June 3, 2024June 3, 2024 Ax Sharma Malware Analysis, malware prevention, PyPI, Sonatype Repository Firewall, Vulnerabilities

← LogonBox SSPR 2.4.7 – Now Available
Navigating Cybersecurity: In-House Security Teams vs. Virtual CISOs →

Techstrong TV

Click full-screen to enable volume control

Watch latest episodes and shows

Tech Field Day Events

Upcoming Webinars

How to Spot and Stop Security Risks From Unmanaged AI Tools

Podcast

Listen to all of our podcasts

Press Releases

GoPlus's Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

Subscribe to our Newsletters

Most Read on the Boulevard

Huge Food Wholesaler Paralyzed by Hack — is it Scattered Spider Again?

BADBOX 2.0 Botnet Infects Million-Plus Devices, FBI Says

Contrast Security Combines Graph and AI Technologies to Secure Applications

No Lollygagging: Cisco IOS XE Flaw With 10.0 Rating Should be Patched Now

Trump EO Takes Aim at Biden, Obama Provisions for Identity, Sanctions, AI

What is AI Red Teaming?

NIST Launches Updated Incident Response Guide

AI Ready: The Complete Guide to AI-Powered Cybersecurity Training in 2025/2026

Microsoft’s June 2025 Patch Tuesday Addresses 65 CVEs (CVE-2025-33053)

Identity’s New Frontier: AI, Machines, and the Future of Digital Trust

Industry Spotlight

Application Security Cloud Security Cyberlaw Cybersecurity Data Privacy DevOps Featured Governance, Risk & Compliance Humor Industry Spotlight Mobile Security Most Read This Week News Popular Post Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threats & Breaches

Meta AI is a ‘Privacy Disaster’ — OK Boomer

June 13, 2025 Richi Jennings | 2 hours ago 0

Analytics & Intelligence Cyberlaw Cybersecurity Data Security DevOps Editorial Calendar Endpoint Featured Governance, Risk & Compliance Humor Identity & Access Incident Response Industry Spotlight Malware Most Read This Week Network Security News Popular Post Ransomware Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities

Huge Food Wholesaler Paralyzed by Hack — is it Scattered Spider Again?

June 10, 2025 Richi Jennings | 3 days ago 0

Application Security Cloud Security Cyberlaw Cybersecurity Data Privacy DevOps Endpoint Featured Governance, Risk & Compliance Humor Identity & Access Incident Response Industry Spotlight Malware Mobile Security Most Read This Week Network Security News Popular Post Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threats & Breaches Vulnerabilities

Meta’s Secret Spyware: ‘Local Mess’ Hack Tracks You Across the Web

June 4, 2025 Richi Jennings | Jun 04 0

Top Stories

Cloud Security Cybersecurity Data Privacy Data Security Featured Identity & Access Malware Mobile Security Network Security News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence Vulnerabilities

Zero-Click Flaw in Microsoft Copilot Illustrates AI Agent, RAG Risks

June 13, 2025 Jeffrey Burt | 3 hours ago 0

Application Security Cloud Security Cybersecurity Data Security Featured IoT & ICS Security Malware Mobile Security Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence

BADBOX 2.0 Botnet Infects Million-Plus Devices, FBI Says

June 9, 2025 Jeffrey Burt | 4 days ago 0

Cloud Security Cyberlaw Cybersecurity Data Security DevOps Featured Identity & Access Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight

Trump EO Takes Aim at Biden, Obama Provisions for Identity, Sanctions, AI

June 9, 2025 Jeffrey Burt | 4 days ago 0

Security Humor

Facebook CEO Mark Zuckerberg announces the plan to make Facebook more private at Facebook’s Developer Conference on April 30, 2019

Meta AI is a ‘Privacy Disaster’ — OK Boomer

Download Free eBook

The Dangers of Open Source Software and Best Practices for Securing Code

Join the Community

Add your blog to Security Creators Network
Write for Security Boulevard
Bloggers Meetup and Awards
Ask a Question
Email: [email protected]

Useful Links

About
Media Kit
Sponsor Info
Copyright
TOS
DMCA Compliance Statement
Privacy Policy

Related Sites

Techstrong Group
Cloud Native Now
DevOps.com
Digital CxO
Techstrong Research
Techstrong TV
Techstrong.tv Podcast
DevOps Chat
DevOps Dozen
DevOps TV

Powered by Techstrong Group

Copyright © 2025 Techstrong Group Inc. All rights reserved.