A newly uncovered malicious Python package on PyPI, named ‘disgrasya’, has raised serious concerns after it was discovered exploiting WooCommerce-powered e-commerce sites to validate stolen credit card information. Before its removal, the package had been downloaded more than 34,000 times, signaling significant abuse within the developer ecosystem.
The tool specifically targeted WooCommerce sites using the CyberSource payment gateway, enabling threat actors to mass-test stolen credit card data obtained from dark web sources and data breaches. This process, known as carding, helps cybercriminals determine which cards are active and usable.
While PyPI has since removed the package, its high download count reveals the widespread exploitation of open-source platforms for illicit operations.
“Unlike typical supply chain attacks that rely on deception or typosquatting, disgrasya made no attempt to appear legitimate,” explains a report by Socket researchers.
“It was openly malicious, abusing PyPI as a distribution channel to reach a wider audience of fraudsters.”
What sets ‘disgrasya’ apart is the transparency of its malicious intent. Unlike other deceptive packages that mask their true purpose, this one openly advertised its illicit capabilities in the description:
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents