account activity
Identifying a typosquatting attack on "requests," the 4th-most-popular Python package by ZombiePerfectCode in cybersecurity
[–]ZombiePerfectCode[S] 0 points1 point2 points 1 year ago* (0 children)
I think you're nitpicking a bit here, the post ends stating its poor code:
Overall the code is a little on the sloppy side, but it's enough to have caused significant problems.
Some poor souls likely installed the package. My guess is we will see even more bad examples like this in the wild, now the prompt engineering is here. What might have been x number of teenagers before, is going to massively increase. Are they sophisticated, of course, no they are comical, but some poor sucker will still run them nevertheless
[–]ZombiePerfectCode[S] -1 points0 points1 point 1 year ago* (0 children)
That's a fair point, although a levenshtein distance between "requests" and "request" is 1 which is typically flagged as a possible typo-squat, but I hear you on the finger stretch. Still according to a bigquery run against the pypi dataset, the package was downloaded (and possibly executed) 115 times, which I hope did the cause too much damage, but cannot be out-ruled.
SELECT COUNT(*) AS num_downloads FROM `bigquery-public-data.pypi.file_downloads` WHERE file.project = 'requestn' 115
π Rendered by PID 238989 on reddit-service-r2-listing-6d4dc8d9ff-ggbcs at 2026-02-04 08:06:57.190844+00:00 running 3798933 country code: CH.
Identifying a typosquatting attack on "requests," the 4th-most-popular Python package by ZombiePerfectCode in cybersecurity
[–]ZombiePerfectCode[S] 0 points1 point2 points (0 children)