Beware: Malicious PyPI Packages Spread Infostealer Malware

Malicious code, disguised as a legitimate Python package, aiocpa, was discovered and reported to PyPI, which was designed to steal cryptocurrency wallet credentials, while subsequent investigation revealed the unique nature of this attack.

After establishing a user base through the publication of a legitimate crypto client tool on npm and PyPI, the attackers later compromised users by distributing a malicious update that contained a backdoor.

Machine learning-based threat hunting identified the PyPI package “aiocpa” containing suspicious code in the “utils/sync.py” file, which resembled patterns found in previously malicious packages on the PyPI repository. 

ML Threat Hunting policy violation

The obfuscated malware, designed to steal crypto assets, was found to be a simple wrapper around CryptoPay initialization, which exfiltrates sensitive arguments, including crypto trading tokens, to a remote Telegram bot after deobfuscating several layers of Base64 encoding and zlib compression. 

A malicious Python package, “aiocpa,” was detected and reported to PyPI security, where the package was quarantined and subsequently removed, while the attacker also attempted to hijack the “pay” project on PyPI, likely to exploit its user base.

Deobfuscated infostealer code

PyPI package name takeovers are a significant security risk because they allow malicious actors to take control of trusted packages and inject vulnerabilities or backdoors into software. 

In order to reduce the impact of this risk, it is recommended to strictly pin dependencies, make use of version hashes, and perform routine security assessments on third-party components.

Initial inspection revealed that the crypto pay API client package appeared to be legitimate, as it had a history of updates, documentation that was well organized, and there were no immediate warning signs.

The maintainer’s profile, with a non-generic avatar and a history of package maintenance since March 2024, coupled with active GitHub contributions since January 2024, indicates a legitimate and experienced developer.

Malicious GitHub account details

A seemingly legitimate package with a respectable download count and active maintenance potentially masking malicious intentions evaded detection by standard security assessment protocols.

According to Reversing Labs, the malicious code was not introduced into the GitHub repository but was injected into the package during the PyPI publishing process, bypassing GitHub’s security measures.

Supply chain attacks targeting open-source software are becoming more sophisticated and harder to detect, as dedicated security tools are essential to identify and mitigate these threats in modern software development processes. 

Also Read:

Kaaviya
Kaaviyahttps://cyberpress.org/
Kaaviya is a Security Editor and fellow reporter with Cyber Press. She is covering various cyber security incidents happening in the Cyber Space.

Recent Articles

Related Stories

LEAVE A REPLY

Please enter your comment!
Please enter your name here