Checkmarx researchers uncovered an ongoing supply chain attack conducted by a threat actor they tracked as WASP that is targeting Python developers.
The attackers are using Python packages to distribute a polymorphic malware called W4SP Stealer.
The malicious code is able to steal the victim’s Discord accounts, passwords, crypto wallets, credit cards, and other sensitive data on the victim’s PC. Stolen data have been sent them back to the attacker through a hard-coded Discord webhook address.
The threat actor is offering the WASP stealer for $20 claiming it is undetectable and is heavily “protected by some awesome obfuscation.” The supply chain attacks seem to be financially motivated.
