12 Python libraries were identified as malicious packages.
colourama was financially motivated: it hijacked an infected user's operating system clipboard, scanning it every 500ms for a Bitcoin address-like string and replacing any match with the attacker's own Bitcoin address, in an attempt to hijack Bitcoin payments/transfers made by the infected user.
On October 13th, 2018, all of these packages were removed from PyPI.
Avoid usage of this package altogether.
- Snyk ID
- 13 Oct, 2018
- 28 Oct, 2018