
Malicious PyPI Package "sympy-dev" Impersonates Legitimate SymPy Library to Deploy Cryptocurrency Miner
Tags: cybersecurity, malware, PyPI, supply_chain_attack, Linux, cryptocurrency_miner, sympy, identity_theft, open_source, software_security
A malicious package named sympy-dev has been discovered on the Python Package Index (PyPI). It impersonates SymPy, a popular symbolic mathematics library, by copying the legitimate project's description verbatim and using a lookalike name. The aim is to trick developers into installing it and then drop malicious payloads on Linux systems, including an XMRig cryptocurrency miner. This impersonation technique exploits the trust of developers who install the package believing it is the genuine library.
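The signals described above (a name derived from a popular project, a copied long description, but different author and home page and almost no release history) can be checked mechanically before a package is installed. The following is an added example, not code from the article or from any security vendor: it applies those heuristics to hand-written stand-ins for the JSON that PyPI serves at https://pypi.org/pypi/<name>/json (only the fields used here are present, and the values are invented for the example), and it also scans a requirements file for lookalikes of trusted names. The suffix list and the similarity thresholds are assumptions, not published detection rules.

```python
"""Heuristics for spotting a PyPI package that impersonates a popular project.

Added example: metadata below is a constructed stand-in for the PyPI JSON API
response (https://pypi.org/pypi/<name>/json), trimmed to the fields used here.
Nothing is fetched from the network.
"""
import difflib
import re

# Suffixes commonly bolted onto a real project name (assumed list, already in
# PEP 503 normalised form).
LOOKALIKE_SUFFIXES = ("-dev", "-utils", "-tools", "-python", "-py", "2")
NAME_SIMILARITY_THRESHOLD = 0.8     # assumed threshold for typo-style lookalikes
DESCRIPTION_COPY_THRESHOLD = 0.9    # assumed threshold for "copied description"


def normalize(name: str) -> str:
    """PEP 503 normalisation: case-fold and collapse runs of '-', '_' and '.'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def base_name(name: str) -> str:
    """Strip one known lookalike suffix, e.g. 'sympy-dev' -> 'sympy'."""
    n = normalize(name)
    for suffix in LOOKALIKE_SUFFIXES:
        if n.endswith(suffix) and len(n) > len(suffix):
            return n[: -len(suffix)]
    return n


def name_similarity(candidate: str, reference: str) -> float:
    """Similarity in [0, 1] between two normalised names (difflib ratio)."""
    return difflib.SequenceMatcher(None, normalize(candidate), normalize(reference)).ratio()


def text_similarity(a: str, b: str) -> float:
    """Similarity in [0, 1] between two description texts."""
    return difflib.SequenceMatcher(None, a.strip(), b.strip()).ratio()


def impersonation_findings(candidate: dict, reference: dict) -> list:
    """Return human-readable reasons why `candidate` looks like it impersonates `reference`.

    An empty list means no impersonation signal was found (or both dicts describe
    the same project).
    """
    c, r = candidate["info"], reference["info"]
    if normalize(c["name"]) == normalize(r["name"]):
        return []
    findings = []
    if base_name(c["name"]) == normalize(r["name"]) or \
            name_similarity(c["name"], r["name"]) >= NAME_SIMILARITY_THRESHOLD:
        findings.append(f"name {c['name']!r} is a lookalike of {r['name']!r}")
    if text_similarity(c.get("description", ""), r.get("description", "")) >= DESCRIPTION_COPY_THRESHOLD:
        findings.append("long description is a near-verbatim copy of the reference project's")
        # A copied description combined with different ownership metadata is the
        # strongest signal; report each mismatching field.
        for field in ("author", "home_page"):
            if c.get(field) != r.get(field):
                findings.append(f"copied description but {field} differs: "
                                f"{c.get(field)!r} vs {r.get(field)!r}")
    releases = candidate.get("releases", {})
    if findings and len(releases) <= 2:
        findings.append(f"only {len(releases)} release(s) on the index")
    return findings


def suspicious_requirements(requirements_text: str, trusted: set) -> list:
    """Names in a requirements.txt that are lookalikes of trusted names (but not the trusted names)."""
    trusted_norm = {normalize(t) for t in trusted}
    hits = []
    for line in requirements_text.splitlines():
        line = line.split("#", 1)[0].strip()          # drop comments
        if not line or line.startswith("-"):          # skip options such as -r / --index-url
            continue
        name = re.split(r"[\s\[<>=!~;@]", line, 1)[0]  # cut off extras, specifiers, markers
        n = normalize(name)
        if n in trusted_norm:
            continue
        if base_name(name) in trusted_norm or \
                any(name_similarity(name, t) >= NAME_SIMILARITY_THRESHOLD for t in trusted_norm):
            hits.append(name)
    return hits


# Constructed stand-ins: values are invented for this example, not real PyPI data.
SHARED_DESCRIPTION = (
    "SymPy is a Python library for symbolic mathematics. It aims to become a "
    "full-featured computer algebra system while keeping the code as simple as possible."
)
LEGITIMATE = {
    "info": {"name": "sympy", "author": "SymPy development team",
             "home_page": "https://sympy.org", "description": SHARED_DESCRIPTION},
    "releases": {"1.11": [], "1.12": [], "1.13": []},
}
IMPERSONATOR = {
    "info": {"name": "sympy-dev", "author": "dev",
             "home_page": "", "description": SHARED_DESCRIPTION},
    "releases": {"0.1": []},
}

if __name__ == "__main__":
    for reason in impersonation_findings(IMPERSONATOR, LEGITIMATE):
        print("-", reason)
    print(suspicious_requirements("sympy-dev==1.0\nnumpy>=1.26\nsympy  # ok\n", {"sympy", "numpy"}))
```

In practice the two dicts would come from the PyPI JSON API for the name a developer is about to install and for the trusted project it resembles; the requirements scan is cheap enough to run in CI against an allowlist of the project's known direct dependencies.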