Skip to content

Malicious Python packages, Luna collapse, Musk deep fakes and more

  • by
  • 4 min read

A ransomware attack targeting public schools in Chicago has left data of about 500,000 students and 60,000 employees exposed after the vendor, Battelle for Kids, was targeted. A malicious Python package was found in the PyPi registry that performs supply chain attacks to make backdoors on Windows, Linux and macOS computers.

The stablecoin Luna has completely crashed, dropping down to $0.000202. Broadcom is in talks to buy VMware. Negotiations are ongoing, but a deal is not imminent. 

Whatsapp is dropping support for older iOS versions, specifically iOS 10 and 11. Cryptocurrency scammers are using deep fake videos of Elon Musk and other crypto advocates to promote scams that steal deposited cryptocurrency. Last but not least, YouTube has removed over 9,000 channels related to Russia’s invasion of Ukraine for violating content guidelines. 

In the News: Qualcomm unveils Snapdragon 8 Plus Gen 1 and Snapdragon 7 Gen 1

Malicious PyPi package installing backdoors on Windows, Linux and macOS systems

  • A malicious PyPi package named ‘pymafka’ is making supply chain attacks to install Cobalt Strike beacons and backdoors on Windows, Linux and macOS computers.
  • The package was uploaded to the PyPi registry on May 17, 2022, and is a typosquatting attempt for a similar package called PyKafka, a popular Apache Kafka client with over four million downloads. 
  • The package could only muster 325 downloads before being removed from the PyPi directory. The package was discovered and reported by Sonatype. 
  • The package contains a script that detects the host OS and, depending on it, fetches a compatible payload that is then executed on the system to install the backdoor.
H/t: BleepingComputer

Luna crashes to $0.00

  • After severe price fluctuations, stablecoin Luna has dropped down to $0.000202, a change of -4.40% over 24 hours at writing. 
  • Luna has had a total drop of 100% from its original value, which is supposed to be capped at $1. 
Can cryptocurrency replace fiat currency? Why does its value change?
H/t: Coinbase

Broadcom in talks to buy VMware

  • Broadcom is currently in talks to buy cloud service provider VMware. 
  • Negotiations between the two companies are ongoing, and a deal isn’t imminent as per sources.
  • The exact terms under discussion haven’t been publicised yet. 
  • The deal will further Broadcom’s tech business and marks a shift away from solely making chips into a more diversified tech company.
  • Broadcom has previously acquired CA technologies for $18.9 billion and Symantec Corp’s security division for $10.7 billion in the last four years.
H/t: Bloomberg

Whatsapp to drop support for iOS 10 and iOS 11

  • Whatsapp will drop support for iOS 10, iOS 11, iPhone 5 and iPhone 5C starting October 24 later this year. 
  • The official Whatsapp Help Center page has confirmed this by mentioning iOS 12 and higher versions as officially supported by the app. 
  • Users on older iPhones, including iPhone 5S, iPhone 6 and iPhone 6S, can continue using the app provided they’re on iOS 12 or newer. 
H/t: WABetaInfo

Elon Musk’s deep fake videos are being used to promote cryptocurrency scams

  • Threat actors using deep fake videos from Elon Musk and other crypto advocates, including Cathie Wood, Brad Garlinghouse, Michael Saylor, and Charles Hoskinson, promote a cryptocurrency scam.
  • The videos are legitimate interviews, with modifications made using deep fake technology. 
  • The scam revolves around a fake trading platform called BitVex, which claims to be owned by Musk and offers up to 30% returns on crypto deposits.
  • Multiple YouTube channels have been hacked to show videos and Shorts promoting the fake trading site. 
H/t: BleepingComputer

YouTube takes down over 70,000 videos related to the war in Ukraine

  • YouTube has taken down over 70,000 videos and 9,000 channels associated with the Russian invasion of Ukraine for violating content guidelines.
  • Removed videos include ones that label the invasion as a liberation mission.
  • Since the invasion began, YouTube has been taking active action against such channels and videos. Russia’s Ministry of Defence and Foreign Affairs have had their channels suspended from uploading videos; other channels include the likes of pro-Kremlin journalist Vladimir Solovyov.
H/t: The Guardian 

In the News: Canada bans Huawei, ZTE 5G equipment citing national security reasons

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: