More Sourceforge Fail

User d3k4y on reddit has reported that the Sourceforge version of pywallet contains malicious code that will send users private keys to a remote server located at bieber.atwebpages.com (source, archived). Once a well-known source for a variety of software downloads, the site has steadily declined into a haven for malware and other assorted junk. This incident serves as a reminder of the importance of always verifying checksums of any software before attempting to run it in a live environment.

2 thoughts on “More Sourceforge Fail

  1. Even the legit 'pywallet' is a monumental pile of shit. Seriously, read it. There are base64-encoded binaries (as far as i can tell, images, but these would have been the ideal stego for a trick like what is described above) in there!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>