A sophisticated malicious Python package named “disgrasya” has been discovered on the PyPI repository, containing a fully automated carding script targeting WooCommerce stores. This package, whose name translates to “disaster” in Filipino slang, enables attackers to test stolen credit card information against real e-commerce payment systems with minimal technical expertise.

The package specifically targets merchants using WooCommerce with CyberSource as their payment gateway, creating a specialized attack vector against these widely used e-commerce systems. The malware operates through a carefully orchestrated multi-stage process designed to mimic legitimate customer behavior while validating stolen credit card information. The malicious code executes a stealth attack by emulating legitimate customer checkout behavior, making it particularly difficult for fraud detection systems to identify and block. The script even uses randomized customer information and handles both successful and failed transactions appropriately, making detection exceptionally difficult.

Industry research estimates online payment fraud will cost merchants over $362 billion globally between 2023 and 2028, with annual losses nearly doubling from $38 billion in 2023 to $91 billion by 2028, a 140% increase.

While this specific package has been removed from PyPI, the technique remains viable and could reappear under different package names, highlighting the need for enhanced security monitoring for both Python package repositories and e-commerce checkout systems.
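One way to monitor checkout for the behavior described above, as an added example rather than code from the article or the package: it flags a client that submits many distinct cards under many distinct billing identities within a short window, ignoring outcomes because the script handles both approvals and declines. The log format, field names, thresholds and sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not from the article). Fields: time, client key,
# billing e-mail, card fingerprint (a gateway token, never the PAN), outcome.
SAMPLE_EVENTS = """\
2025-04-04T08:00:00 192.0.2.44 u1@example.com fp_u1 approved
2025-04-04T08:30:00 192.0.2.44 u2@example.com fp_u2 approved
2025-04-04T09:00:00 192.0.2.44 u3@example.com fp_u3 approved
2025-04-04T09:30:00 192.0.2.44 u4@example.com fp_u4 approved
2025-04-04T10:00:05 203.0.113.7 amy.r@example.com fp_a1 declined
2025-04-04T10:00:50 203.0.113.7 bo.k@example.net fp_b2 declined
2025-04-04T10:01:10 198.51.100.20 sam@example.org fp_s1 declined
2025-04-04T10:01:40 203.0.113.7 cy.t@example.com fp_c3 approved
2025-04-04T10:02:15 198.51.100.20 sam@example.org fp_s2 approved
2025-04-04T10:02:30 203.0.113.7 di.m@example.org fp_d4 declined
2025-04-04T10:03:20 203.0.113.7 ed.w@example.net fp_e5 approved
"""

WINDOW = timedelta(minutes=10)  # assumed look-back window
MAX_CARDS = 3                   # assumed limit: distinct cards per client
MAX_IDENTITIES = 3              # assumed limit: distinct billing e-mails


def parse(line):
    ts, client, email, card_fp, outcome = line.split()
    return datetime.fromisoformat(ts), client, email.lower(), card_fp, outcome


def detect_card_testing(lines, window=WINDOW, max_cards=MAX_CARDS,
                        max_ids=MAX_IDENTITIES):
    """Return {client: time of first alert}. A client alerts when its attempts
    inside `window` exceed both limits; outcomes are deliberately ignored."""
    recent = defaultdict(deque)  # client -> events still inside the window
    alerts = {}
    for event in sorted(parse(l) for l in lines if l.strip()):
        ts, client = event[0], event[1]
        q = recent[client]
        q.append(event)
        while ts - q[0][0] > window:  # drop events older than the window
            q.popleft()
        cards = {e[3] for e in q}
        identities = {e[2] for e in q}
        if len(cards) > max_cards and len(identities) > max_ids:
            alerts.setdefault(client, ts)
    return alerts


if __name__ == "__main__":
    for client, when in detect_card_testing(SAMPLE_EVENTS.splitlines()).items():
        print(f"possible card testing from {client} at {when.isoformat()}")
```

Keying on the source address alone misses clients that rotate addresses; the same window logic applies to any client key the store records, such as a session or device identifier.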
This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 04 Apr 2025 10:55:15 +0000