We found results for “”
WS-2022-0067
Date: February 2, 2022
In the PyPi Easyfuncsys package there is malicious code that appears to be stealing Discord tokens allowing it to access Discord as that user, additionally it steals leveldb files, and runs a suspicious EXE.
Language: Python
Severity Score
Severity Score
Weakness Type (CWE)
Code
CWE-17CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |