12 Python libraries were identified as malicious packages.
colourama was financially-motivated and hijacked an infected users' operating system clipboard, where it would scan every 500ms for a Bitcoin address-like string, which it would replace with the attacker's own Bitcoin address in an attempt to hijack Bitcoin payments/transfers made by an infected user.
On October 13th, 2018 all of these packages have been removed from Pypi.
Avoid usage of this package altogether.
Do your applications use this vulnerable package?
- Snyk ID
- 13 Oct, 2018
- 28 Oct, 2018