
Fake Payment App Tools Stealing Information From Developers
Criminals created fake software tools that appeared to be from legitimate payment services like Paysafe and Skrill, targeting software developers with malware.
Source
BleepingComputer
Original headline: Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials
Plain-English summary by GetCyberRight. Read the full report at the source above.
Cybercriminals recently uploaded fake software packages to two popular developer platforms. These malicious packages pretended to be official tools from Paysafe, Skrill, and Neteller, which are legitimate payment services. When developers downloaded and used these fake tools, malware was installed on their computers that stole credentials and other sensitive information. This primarily affects software developers who use tools from NPM or PyPI in their work. However, if you use Paysafe, Skrill, or Neteller for online payments, there is a small risk that developers of apps or websites you use might have been compromised. The malware specifically targeted login credentials, which could allow criminals to access payment accounts or other sensitive systems.
Here is what you should do right now:
- If you use Paysafe, Skrill, or Neteller, change your password immediately. Choose a strong, unique password you do not use anywhere else.
- Enable two-factor authentication on these payment accounts if you have not already done so.
- Review your recent transaction history on these platforms for any unauthorized activity.
- Check your email account password as well, since many people use the same password across multiple sites.
- If you are a software developer who uses NPM or PyPI, review your recent downloads and check your system for suspicious activity. This incident shows how criminals are getting creative about who they target. By attacking developers, they hope to gain access to many users at once. Always use unique passwords for financial accounts, and never reuse passwords across different services. Two-factor authentication remains one of the best protections available, adding a second verification step that stops criminals even if they steal your password.
Curated from trusted cybersecurity sources by GetCyberRight
Source: BleepingComputerStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles

Artificial Intelligence Now Running Cyberattacks on Its Own
Researchers documented the first AI system that planned and executed a ransomware attack without human guidance. This represents a new threat.
2 min read
AI Runs First Fully Automatic Ransomware Attack: What Parents Need to Know
Researchers documented an AI system that carried out a complete ransomware attack by itself, raising concerns about future cyber threats.
2 min read
Fake Payment Apps Steal Information: Check If You're Affected
Scammers created fake versions of payment software to steal login credentials. If you or family members use payment apps, read this carefully.
2 min read
Are Your Student's University Email and Files Safe? What College Families Need to Know
Hackers targeted email systems at U.S. and Canadian universities to steal passwords and spy on researchers. Students and faculty may be affected.
2 min read