Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI
The malware, besides performing defense evasion checks to determine if it’s being executed in a sandbox, establishes persistence by means of a Visual Basic script and uses transfer[.]sh for data exfiltration.