New PondRAT Malware Hidden in Python Packages Targets Software Developers
New PondRAT Malware Hidden in Python Packages Targets Software Developers
23 September 2024
Threat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called PondRAT as part of an ongoing campaign.
PondRAT, according to new findings from Palo Alto Networks Unit 42, is assessed to be a lighter version of POOLRAT (aka SIMPLESEA), a known macOS backdoor that has been previously attributed to the Lazarus Group and deployed in