@noorman0 @Dave1
The Python packages that are listed are commonly used in the field of data science and machine learning, if I remember correctly from my previous years at the university. From what I understand, it is not about downloading a "browser extension" but rather installing mistyped packages through the official repository for Python packages using Python's package manager, called pip.

"wondering what is the degree of chance for an attacker to get at least one user mistake or omission so this attack works"

Many developers or data scientists use these packages, which could result in hundreds of thousands or millions of downloads per day. Knowing this, you can safely assume that some developers could install packages with typos, and some of these typosquatted packages can end up on the computers of data scientists who are also cryptocurrency users.
Take, for instance, the TensorFlow package, one of the popular machine learning packages in Python. According to pypistats.org, as of February 2023 [1], TensorFlow has been downloaded more than 15,000,000 times in the last 30 days, translating to an average of approximately 600,000 downloads per day. That alone can give you an idea of how susceptible developers are when it comes to downloading malicious Python packages.

[1] https://pypistats.org/packages/tensorflow