Malicious Python projects targeting Linux, Windows systems

ESET Research has discovered harmful Python projects on PyPI, the official Python package repository, that target both Linux and Windows systems. These cyber threats can steal personal data, credentials, and even cryptocurrency. Over 116 files across 53 projects containing malware were discovered by ESET. The infected packages were downloaded over 10,000 times from May 2023, averaging at around 80 downloads per day. Most of the packages have been removed from PyPI but researchers expect this kind of abuse to continue.