Checkmarx Zero researchers have uncovered a supply chain attack campaign targeting the Python and NPM package ecosystems through typo-squatting of the popular colorama library and similar packages.
The campaign relied on cross-ecosystem name confusion and delivered multi-platform payloads with remote access, persistence and evasion capabilities on both Windows and Linux.
Cross-Platform Attack Campaign
Researchers found multiple malicious packages on PyPI that closely mimic legitimate libraries, specifically colorama, a widely used Python package for terminal color control, and colorizr, an NPM package with similar functionality.
Several of the fake PyPI packages borrowed their names from the NPM package colorizr rather than from any PyPI project, which points either to a deliberate attempt to confuse developers who work in both ecosystems or to a planned expansion into NPM.
The packages were distributed through typo-squatting: they rely on typing errors and name similarity to get developers to install a malicious lookalike instead of the library they meant to install, so one mistyped name in a requirements file or pip command is enough.
Package names included variations such as coloramapkgs, coloramapkgsdow, coloramashowtemp, colorizator, and coloraiz, uploaded by different user accounts including rick_grimes, morty_smith, reven, m5tl, and dsss.
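A quick way to catch names like these before pip runs is to compare every requirement against the packages a team actually expects, across ecosystems, since several of the fakes above are named after an npm project rather than a PyPI one. The following Python is an added example written for this article, not code from Checkmarx Zero or from any of the packages discussed. The known-package lists (colorama and colorizr come from the report; requests, termcolor and chalk are illustrative additions), the two-edit threshold and the prefix rule are my assumptions, and the requirement lines are constructed.

```python
import re

# Packages a team expects, per ecosystem. colorama (PyPI) and colorizr (npm)
# are the targets named in the report; requests, termcolor and chalk are
# illustrative additions so the list has benign neighbours to test against.
KNOWN = {
    "pypi": {"colorama", "requests", "termcolor"},
    "npm": {"colorizr", "chalk"},
}

def normalize(name):
    """PEP 503 name normalization: lowercase, runs of '.', '_', '-' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def requirement_name(line):
    """Extract the bare project name from a requirements.txt line (None if none)."""
    line = line.split("#", 1)[0].strip()
    m = re.match(r"^([A-Za-z0-9][A-Za-z0-9._-]*)", line)
    return m.group(1) if m else None

def levenshtein(a, b):
    """Classic edit distance (insert, delete and substitute each cost 1)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]

def suspicious(name, ecosystem="pypi", known=KNOWN):
    """Return the reasons a name looks like a typosquat; an empty list means clean.

    Three heuristics (thresholds are assumptions, tune them to your allowlist):
      1. the name is exactly a well-known package from *another* ecosystem
         (colorizr published on PyPI),
      2. a known name is embedded in it with extra characters (coloramapkgs),
      3. it is within two edits of a known name (coloraiz) or starts with all
         but the last character of a known name (colorizator vs colorizr).
    """
    n = normalize(name)
    if n in known.get(ecosystem, ()):
        return []                       # exactly what we expect
    reasons = []
    for eco, names in known.items():
        for target in names:
            if n == target:
                reasons.append(f"{eco} package name published on {ecosystem}")
            elif target in n:
                reasons.append(f"contains {eco} name {target!r} with extra characters")
            elif levenshtein(n, target) <= 2:
                reasons.append(f"within 2 edits of {eco} name {target!r}")
            elif len(target) >= 7 and n.startswith(target[:-1]):
                reasons.append(f"shares all but the last character of {eco} name {target!r}")
    return reasons

def check_requirements(lines, ecosystem="pypi"):
    """Map each flagged requirement name to its reasons; clean names are omitted."""
    flagged = {}
    for line in lines:
        name = requirement_name(line)
        if name:
            reasons = suspicious(name, ecosystem)
            if reasons:
                flagged[name] = reasons
    return flagged

if __name__ == "__main__":
    # Constructed requirements file: two legitimate pins plus the names from the report.
    sample = ["colorama==0.4.6", "requests>=2.31", "coloramapkgs", "coloramapkgsdow",
              "coloramashowtemp", "colorizator", "coloraiz", "colorizr  # npm name on PyPI"]
    for name, reasons in check_requirements(sample).items():
        print(f"{name}: {'; '.join(reasons)}")
```

Rule 2 will also flag legitimate extensions such as requests-oauthlib, which is the price of catching coloramapkgs; the practical answer is to allowlist the extensions you really use rather than weaken the rule, and to run the check in CI against the lockfile so a mistyped name fails the build instead of an install.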
Technical Payload Analysis
The attack deployed distinct payloads for Windows and Linux systems, each incorporating advanced persistence and evasion mechanisms.
The Windows variants combined reconnaissance with anti-detection. They harvested environment variables from the Windows registry, where per-user and system-wide values are stored and where developers frequently leave API keys, tokens and other configuration secrets.
Persistence came via the Windows Task Scheduler: the malware created several scheduled tasks, each pointing at a different file path, so that payload components could be dropped and updated independently.
The Windows payloads also went after the endpoint's own defences, for example removing Windows Defender's malware definitions and disabling IOAV protection (Defender's scanning of downloaded files and attachments) so that files fetched later would not be inspected.
These components were traced back to github.com/s7bhme, a GitHub repository hosting suspicious executables and Python project templates.
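To hunt for this behaviour in process-creation telemetry (Sysmon Event ID 1 or Security 4688 style records), the useful signal is not any single command but a python.exe spawning several of them in a row. The Python below is an added example, not code from the report or the repository above. The command-line shapes it matches (MpCmdRun.exe -RemoveDefinitions, Set-MpPreference -Disable..., schtasks /create, reg query ...\Environment) are the standard built-in ways to perform each action the analysis describes and are my assumption about what the payload ran, not commands quoted from Checkmarx; the event records, PIDs, task name and paths are constructed.

```python
import re

# Each rule maps a behaviour named in the analysis to the command-line shape
# of the built-in Windows tool that performs it. The shapes are assumptions
# about the payload, not commands quoted from the report.
RULES = {
    "defender_definitions_removed": re.compile(r"mpcmdrun(\.exe)?\b.*-removedefinitions", re.I),
    "defender_feature_disabled":    re.compile(r"set-mppreference\b.*-disable\w+\s+(\$true|1)\b", re.I),
    "scheduled_task_created":       re.compile(r"\bschtasks(\.exe)?\b.*/create\b", re.I),
    "registry_environment_read":    re.compile(r"(\breg(\.exe)?\s+query\b|get-itemproperty\b).*\\environment\b", re.I),
}

def classify(cmdline):
    """Return the rule names whose pattern appears in a process command line."""
    return [name for name, rx in RULES.items() if rx.search(cmdline)]

def suspicious_chains(events, min_categories=2):
    """Group hits by parent PID. A parent whose children trip several distinct
    rules (here a python.exe running a freshly installed package) is the alert;
    single hits are left for an analyst to triage, since admins do run these."""
    by_parent = {}
    for ev in events:
        for name in classify(ev["cmdline"]):
            by_parent.setdefault(ev["parent_pid"], set()).add(name)
    return {pid: sorted(cats) for pid, cats in by_parent.items() if len(cats) >= min_categories}

# Constructed process-creation records in the spirit of Sysmon Event ID 1.
# PIDs, paths and the task name are made up; none is an IoC from the report.
SAMPLE_EVENTS = [
    {"pid": 5100, "parent_pid": 4242, "parent_image": "python.exe",
     "cmdline": r'reg query HKCU\Environment'},
    {"pid": 5101, "parent_pid": 4242, "parent_image": "python.exe",
     "cmdline": r'schtasks /create /tn "SystemUpdater" /tr "C:\Users\Public\update.exe" /sc onlogon'},
    {"pid": 5102, "parent_pid": 4242, "parent_image": "python.exe",
     "cmdline": r'"C:\Program Files\Windows Defender\MpCmdRun.exe" -RemoveDefinitions -All'},
    {"pid": 5103, "parent_pid": 4242, "parent_image": "python.exe",
     "cmdline": r'powershell.exe -NoProfile -Command "Set-MpPreference -DisableIOAVProtection $true"'},
    {"pid": 6000, "parent_pid": 1200, "parent_image": "explorer.exe",
     "cmdline": r'notepad.exe C:\Users\Public\notes.txt'},
    {"pid": 6001, "parent_pid": 1201, "parent_image": "cmd.exe",
     "cmdline": r'schtasks /query /tn "Backup"'},
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(ev["pid"], ev["parent_image"], classify(ev["cmdline"]))
    for pid, cats in suspicious_chains(SAMPLE_EVENTS).items():
        print(f"ALERT parent pid {pid}: {', '.join(cats)}")
```

In a real pipeline the parent image matters as much as the PID: a pip install that ends with python.exe (or a child cmd.exe) launching schtasks and MpCmdRun is the chain to page on, whereas the same commands under an administrator's console are routine.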
The Linux payloads arrived as base64-encoded scripts embedded in the packages' initialization (__init__.py) files, so the code runs as soon as the package is imported.
The attack chain wrote an RSA public key to /tmp/pub.pem, downloaded a bash script from gsocket.io/y (the deployment script of the legitimate Global Socket tool, abused here to establish a reverse shell), and exfiltrated output encrypted with that key to Pastebin using valid API credentials.
The downloaded script provided a full backdoor: persistence through systemd units, shell profile injection and crontab entries, plus process masquerading to disguise the implant.
Attribution analysis suggests that more than one threat actor may be involved. Despite similar timing and naming conventions, differences in tooling, tactics and infrastructure point to separate campaigns reusing the same typo-squatting approach.
The packages have since been removed from the public repositories, which limits further spread, but removal does not undo the scheduled tasks, cron entries, systemd units or shell profile changes already planted on machines that installed them; those hosts still need to be checked and cleaned. The campaign illustrates how open-source supply chain threats continue to mature.
Indicators of Compromise
| Type | Value | Description |
|---|---|---|
| GitHub repository | github.com/s7bhme | Repository hosting malicious payloads and templates |
| Webhook URL | webhook.site/dc3c1af9-ea3d-4401-9158-eb6dda735276 | Endpoint for data exfiltration |
| File hash (SHA256) | d30c78c64985a42c34ef142fd8754a776c8db81228bafc385c5bd429252e4612 | Malicious Linux bash script |
| File hash (SHA256) | daef5255eac4a4d16940e424c97492c6bad8fdafd2420632c371b9d18df3b47f | Windows payload (x69gg.exe) |