Malicious PyPI Package “AutomSLC” Enables 104K+ Illicit Deezer Music Downloads


February 26, 2025Ravi LakshmananMalware/Cryptocurrency


Cybersecurity researchers have flagged a malicious Python library on the Python Package Index (PyPI) repository that facilitates unauthorized music downloads from the music streaming service Deezer.

The package in question is AutomSLC, which has been downloaded over 104,000 times so far. It was first published in May 2019 and remains available on PyPI as of this writing.

“AutomSLC, which has been downloaded more than 100,000 times, is intended to provide music automation and metadata search, but it secretly bypasses Deezer’s access restrictions by embedding hardcoded credentials and communicating with an external command-and-control (C2) server,” Kirill Boychenko said in a report released today.


Specifically, the package is designed to log users in to the French music streaming platform via hardcoded credentials, collect track-related metadata, and download complete audio files, in violation of Deezer’s API terms.

The package also regularly communicates with a remote server located at “54.39.49[.]17:8031” to provide up-to-date information on download status, thereby giving the threat actor centralized control over the coordinated music piracy operation.

Put another way, AutomSLC effectively turns the systems of the package’s users into an illicit network that facilitates bulk music downloads in an unauthorized manner. The IP address is associated with a domain named “automusic[.]win,” which the threat actor is said to use to oversee the distributed download operation.


“Deezer’s API terms prohibit local or offline storage of full audio content, but by downloading and decrypting entire tracks, AutomSLC bypasses this limitation and could put users at legal risk,” Boychenko said.
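The two traits described above, hardcoded credentials and a hardcoded IP:port endpoint, can be checked for statically before a dependency is installed. The following Python scanner is an added example, not code from AutomSLC or from the researchers' report; the sample module, its variable names and the 203.0.113.7 address are constructed for illustration.

```python
import ast
import ipaddress
import re

# Constructed sample module for the demo; not code from AutomSLC.
SAMPLE_SOURCE = '''
import requests

LOGIN_PASSWORD = "constructed-password"
STATUS_URL = "http://203.0.113.7:8031/status"
def report(track_id, state):
    requests.post(STATUS_URL, json={"track": track_id, "state": state})
'''

CRED_NAME = re.compile(r"passw|secret|token|api_?key|credential", re.I)
# IPv4 literal followed by an explicit port, e.g. "203.0.113.7:8031".
IP_PORT = re.compile(r"(?<![\d.])((?:\d{1,3}\.){3}\d{1,3}):(\d{2,5})\b")


def is_non_local_ip(text):
    """True for a valid IP that is not loopback, unspecified or link-local."""
    try:
        ip = ipaddress.ip_address(text)
    except ValueError:
        return False
    return not (ip.is_loopback or ip.is_unspecified or ip.is_link_local)


def scan_source(source, filename="<module>"):
    """Return sorted (line, rule, detail) findings for one Python source string."""
    findings = set()
    for node in ast.walk(ast.parse(source, filename=filename)):
        # Rule 1: string literal embedding a raw IP:port endpoint.
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            for host, port in IP_PORT.findall(node.value):
                if is_non_local_ip(host) and int(port) <= 65535:
                    findings.add((node.lineno, "hardcoded-endpoint", f"{host}:{port}"))
        # Rule 2: credential-looking name bound to a non-empty string literal.
        if isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant):
            if isinstance(node.value.value, str) and node.value.value:
                for target in node.targets:
                    if isinstance(target, ast.Name) and CRED_NAME.search(target.id):
                        findings.add((node.lineno, "hardcoded-credential", target.id))
    return sorted(findings)


if __name__ == "__main__":
    for line, rule, detail in scan_source(SAMPLE_SOURCE):
        print(f"line {line}: {rule}: {detail}")
```

Because the scanner parses the source instead of importing it, no code from the package under review is executed. Findings are leads for manual review, since legitimate packages also contain IP literals and test credentials.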

The disclosure comes as the software supply chain security company detailed a rogue npm package called @ton-wallet/create that impersonates the legitimate @ton/ton package while stealing mnemonic phrases from unsuspecting users and developers.

First published to the npm registry in August 2024, the package has collected 584 downloads so far. It remains available for download.


The malicious functionality embedded in the library extracts the MNEMONIC environment variable from the process environment, giving the threat actor full access to the cryptocurrency wallet and the potential to drain the victim’s digital assets. The information is sent to an attacker-controlled Telegram bot.

“This attack poses serious supply chain security risks and targets developers and users who are integrating developers and users into their applications,” Socket said. “Periodic dependency auditing and automated scanning tools should be adopted to detect abnormal or malicious behavior in third-party packages before integration into a production environment.”
