Ainda disponível em https://socket.dev/pypi/package/fabrice porém, o IP/Servidor origem dos payloads e captura de credenciais está fora do ar.
Screenshot com fundo branco
----------- hash MD5 ----------- --- path anf filename -- size (bytes) ad5e5986fc9936aecfcde091b42ad4fc ./fabrice_1.0.0/group.py 12498 ad5e5986fc9936aecfcde091b42ad4fc ./fabrice_1.0.1/group.py 12498 ad5e5986fc9936aecfcde091b42ad4fc ./fabrice_1.0.2/group.py 12498 ad5e5986fc9936aecfcde091b42ad4fc ./fabrice_1.0.3/group.py 12498 ad5e5986fc9936aecfcde091b42ad4fc ./fabrice_1.0.4/group.py 12498 ad5e5986fc9936aecfcde091b42ad4fc ./fabrice_1.0.5/group.py 12498 8efb97de30f6c1b0dcbf8c5cbdcc5e39 ./fabrice_1.0.6/group.py 22054 -- tamanho a partir da v.1.0.6 24dd3289cd73c3db4f60327b9c55f3ed ./fabrice_1.0.7/group.py 22587 5ab480ebd89802a21636d3583d1935f5 ./fabrice_1.0.8/group.py 22587 334810a745e8fa8f310ced632465f589 ./fabrice_1.0.9/group.py 22708 4f6501896e4e433a0d44626a7062bb4b ./fabrice_1.1.0/group.py 25300 8a09557b6e3e6f075f5a6eb67edb2031 ./fabrice_1.1.1/group.py 26678 b18755454a951f687bf5fdd6e1b09777 ./fabrice_1.1.2/group.py 26870 d5f731a71707a593b99f33502ac6221e ./fabrice_1.1.3/group.py 26869
Para mais detalhes do arquivo group.py
-
https://socket.dev/blog/malicious-python-package-typosquats-fabric-ssh-library
-
https://socket.dev/pypi/package/fabrice/files/1.[X]/py2-py3-none-any-whl/fabrice/group.py
com [X] referindo-se às sub- e minor- versions 0.6 a 0.9 e 1.0 a 1.3.