A recent discovery revealed that developers were targeted with malware disguised as legitimate DeepSeek packages on the Python Package Index (PyPI). The incident highlights the growing threat of supply chain attacks against the software development community.
Threat researchers announced the discovery on February 3, 2025. The attack involved a malicious user ‘bvk’ uploading fake DeepSeek packages, named “deepseeek” and “deepseekai,” to PyPI on January 29, 2025. The packages were designed to steal sensitive information from developers, including user data and environment variables. Because their names closely resembled the genuine product, the malware-laden packages appeared authentic and tricked developers into downloading and integrating them into their projects.
PyPI administrators have removed the fake DeepSeek packages from the repository and are conducting a thorough review to identify and eliminate any other potentially harmful uploads. They are also implementing stricter security measures to prevent similar incidents and are advising developers to exercise caution when downloading packages from repositories and to verify the authenticity of their sources.
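One concrete way to act on that advice is to screen a project's dependency list for names that merely resemble the packages you actually trust. The script below is an added example written for this post, not code from the post, from PyPI or from DeepSeek; the allowlist and the sample requirements are constructed, and the legitimate package name "deepseek" is assumed for illustration. It catches both lookalike patterns the post reports: a repeated letter ("deepseeek") and a trailing extension ("deepseekai").

```python
"""Flag dependency names that look like typosquats of trusted packages."""
from __future__ import annotations

import re
from difflib import SequenceMatcher

# Constructed allowlist of packages this project is expected to depend on.
# "deepseek" is assumed here to be the legitimate name developers meant to install.
TRUSTED = {"requests", "numpy", "deepseek"}


def normalize(name: str) -> str:
    """Apply PEP 503 normalization: case-fold and collapse runs of -, _ and . to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def lookalike_reason(candidate: str, trusted: set[str] = TRUSTED) -> str | None:
    """Return why `candidate` resembles a trusted name, or None if it looks fine."""
    c = normalize(candidate)
    if c in trusted:
        return None
    squash = lambda s: re.sub(r"(.)\1+", r"\1", s)  # deepseeek -> depsek, deepseek -> depsek
    for t in trusted:
        if c.startswith(t) or c.endswith(t):
            return f"extends trusted name {t!r} with a prefix or suffix"
        if squash(c) == squash(t):
            return f"differs from {t!r} only by repeated letters"
        if SequenceMatcher(None, c, t).ratio() >= 0.9:
            return f"high character similarity to {t!r}"
    return None


def audit_requirements(text: str, trusted: set[str] = TRUSTED) -> dict[str, str]:
    """Parse a requirements.txt body and map each suspicious name to a reason."""
    findings: dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        # The requirement name ends at whitespace, an extras bracket or a version operator.
        name = re.split(r"[\s\[<>=!~;@]", line, maxsplit=1)[0]
        reason = lookalike_reason(name, trusted)
        if reason:
            findings[normalize(name)] = reason
    return findings


if __name__ == "__main__":
    # Constructed requirements file containing the two names reported in the post.
    sample = "requests==2.32.0\ndeepseeek\ndeepseekai>=0.1\nnumpy  # pinned later\n"
    for pkg, why in audit_requirements(sample).items():
        print(f"SUSPICIOUS {pkg}: {why}")
```

Heuristics like these produce false positives for genuine extension packages, so treat a hit as a prompt to check the publisher and project page before installing, not as a verdict.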
#CyTech #CyTechNewsRoom #Cybersecurity #CISO #CISOWorkplace™ #SCRM #DataBreach #malware #DeepSeek #PyPi