{"id":23826,"date":"2024-11-26T09:35:16","date_gmt":"2024-11-26T01:35:16","guid":{"rendered":"https:\/\/www.1ai.net\/?p=23826"},"modified":"2024-11-26T09:35:16","modified_gmt":"2024-11-26T01:35:16","slug":"%e5%ae%89%e5%85%a8%e5%85%ac%e5%8f%b8%e6%8a%ab%e9%9c%b2-pypi-%e8%99%9a%e5%81%87-gpt-claude-ai-%e8%be%85%e5%8a%a9%e8%bd%af%e4%bb%b6%e5%8c%85%e5%b7%a5%e5%85%b7%ef%bc%8c%e5%ae%9e%e4%b8%ba%e6%9c%a8","status":"publish","type":"post","link":"https:\/\/www.1ai.net\/en\/23826.html","title":{"rendered":"Security firm reveals PyPI fake GPT \/ Claude AI-assisted software package tool is really Trojan ransomware"},"content":{"rendered":"<p><a href=\"https:\/\/www.1ai.net\/en\/tag\/%e5%ae%89%e5%85%a8%e5%85%ac%e5%8f%b8\" title=\"[Sees articles with [Security Corporation] labels]\" target=\"_blank\" >Security Company<\/a>Kaspersky issued a briefing claiming that they were <a href=\"https:\/\/www.1ai.net\/en\/tag\/pypi\" title=\"_Other Organiser\" target=\"_blank\" >PyPI<\/a> Two malware packages were found in the<strong>The toolkit masquerades as a GPT and Claude AI platform aid, but in reality is<a href=\"https:\/\/www.1ai.net\/en\/tag\/%e6%9c%a8%e9%a9%ac%e5%8b%92%e7%b4%a2%e8%bd%af%e4%bb%b6\" title=\"Look at the article that contains the label\" target=\"_blank\" >Trojan horse ransomware (computing)<\/a><\/strong>.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-23827\" title=\"42bf87d9j00snjb02004qd000v900efp\" src=\"https:\/\/www.1ai.net\/wp-content\/uploads\/2024\/11\/42bf87d9j00snjb02004qd000v900efp.jpg\" alt=\"42bf87d9j00snjb02004qd000v900efp\" width=\"1125\" height=\"519\" \/><\/p>\n<p>1AI has learned that the two malware packages are called \"gptplus\" and \"claudeai-eng\". gptplus\" claims to be able to access the GPT-4 Turbo model via OpenAI's API, while \"claudeai-eng\" claims to be able to access Anthropic Claude AI's API. API of Anthropic Claude AI, but in reality, they are both false propaganda.<\/p>\n<p>By parsing the __init__.py file in the packages, Kaspersky researchers found that after running on the victim's device, the packages download a file called JavaUpdater.jar from the GitHub repository, which ultimately unzips and runs the JarkaStealer Trojan horse, which is capable of stealing private content such as the victim's browser data files, account token, and so on. The Trojan steals the victim's browser data files, account tokens, and other private content.<\/p>\n<p>Kaspersky also said that these malware packages have been on PyPI's shelves for more than a year, during which time they have been downloaded more than 1,700 times, and called on developers to be vigilant when using third-party libraries in order to avoid becoming a member of the<a href=\"https:\/\/www.1ai.net\/en\/tag\/%e9%bb%91%e5%ae%a2\" title=\"[Sees articles with [Hacker] labels]\" target=\"_blank\" >hacker<\/a>Assault victims.<\/p>","protected":false},"excerpt":{"rendered":"<p>Security firm Kaspersky has issued a notification claiming that they have discovered two malware packages in PyPI that masquerade as GPT and Claude AI platform aids, but are actually Trojan ransomware. 1AI has learned that the two malware packages are named \"gptplus\" and \"claudeai-eng\". gptplus\" claims to be able to access the GPT-4 Turbo model via OpenAI's API, while \"claudeai-eng\" claims to be able to access Anthropic Claude AI's API. API of Anthropic Claude AI, but both of them are false propaganda. By parsing the __init__.py file in the package, Kaspersky researchers were able to<\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[146],"tags":[5055,2565,5054,2566],"collection":[],"class_list":["post-23826","post","type-post","status-publish","format-standard","hentry","category-news","tag-pypi","tag-2565","tag-5054","tag-2566"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.1ai.net\/en\/wp-json\/wp\/v2\/posts\/23826","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.1ai.net\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.1ai.net\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.1ai.net\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.1ai.net\/en\/wp-json\/wp\/v2\/comments?post=23826"}],"version-history":[{"count":0,"href":"https:\/\/www.1ai.net\/en\/wp-json\/wp\/v2\/posts\/23826\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.1ai.net\/en\/wp-json\/wp\/v2\/media?parent=23826"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.1ai.net\/en\/wp-json\/wp\/v2\/categories?post=23826"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.1ai.net\/en\/wp-json\/wp\/v2\/tags?post=23826"},{"taxonomy":"collection","embeddable":true,"href":"https:\/\/www.1ai.net\/en\/wp-json\/wp\/v2\/collection?post=23826"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}