Recently identified PyPI packages called "netfetcher" and "pyfetcher" impersonate open source libraries and target Windows users with malicious executables that have a zero detection rate among leading antivirus engines. Furthermore, some of these executables are called "node.exe" and even bear the NodeJS icon and metadata, making them evasive and easily mistaken for legitimate libraries.

The post ‘Netfetcher’ package drops illicit ‘node’ binary on Windows appeared first on Security Boulevard.

Ax Sharma

Source: Security Boulevard
Source Link: https://securityboulevard.com/2024/08/netfetcher-package-drops-illicit-node-binary-on-windows/