ESET Research has uncovered a series of harmful Python projects on PyPI, the official Python package repository.
According to ESET, both Linux and Windows systems are targeted by these malicious packages, which typically deliver a customised cyberespionage backdoor. The backdoor allows remote command execution, file exfiltration, and in some cases the ability to take screenshots.
Marc-Étienne Léveillé, an ESET researcher, identified and analysed the malicious packages. In some cases, the final payload is a version of the notorious W4SP Stealer, designed to steal personal data and credentials. Alternatively, a straightforward clipboard monitor is used to steal cryptocurrency, predominantly Bitcoin, Ethereum, Monero, and Litecoin.
ESET Research says the cyberespionage malware was downloaded more than 10,000 times, averaging around 80 downloads per day since May 2023. ESET discovered over 116 malware-laden files across 53 projects. Although the packages carry names similar to legitimate ones, ESET researchers believe the primary installation method is not typosquatting but social engineering: victims are walked through the pip installation process to install a package that appears interesting.
Following the release of this research, the majority of the packages have been removed from PyPI. ESET has worked in conjunction with PyPI to take action against the remaining packages, and as it stands, all known malicious packages have been taken offline. PyPI is favoured among Python programmers as a platform for sharing and downloading code. However, the openness of the repository can backfire: malware disguised as legitimate, popular code libraries can slip in.
The threat actors behind this campaign have been seen using three techniques for integrating malicious code into Python packages. The first method inserts a test module containing slightly obfuscated code into an otherwise legitimate package. The second embeds PowerShell code in the setup.py file, which package managers such as pip run automatically when installing a Python project. In the third, the operators make no attempt to include legitimate code at all; the package contains only the malicious code, in slightly obfuscated form.
Typically, the final payload is a custom backdoor capable of executing remote commands, exfiltrating files, and sometimes taking screenshots. On Windows systems the backdoor is implemented in Python, whereas on Linux it is written in Go. In certain cases the notorious W4SP Stealer is delivered instead of the backdoor, or a simple clipboard monitor that steals cryptocurrency, or both.
Léveillé advises Python developers to carefully examine the code they download before installing it on their systems. His findings suggest that this kind of abuse of PyPI is likely to continue, and he therefore urges developers to proceed with caution when installing code from any public software repository.
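The three insertion techniques described above (a suspicious test module, command execution from setup.py, and a package with no legitimate code) are the kind of thing a developer can look for when following the advice to inspect a package before installing it. The following added example, which is not ESET's code or any PyPI tooling, triages a source distribution (sdist) tarball in memory and flags those three patterns. The regexes are assumed heuristics chosen for illustration, the sample sdist is constructed inline, and the package name "demo" and its file layout are invented.

```python
"""Heuristic pre-install triage of a Python sdist (added example; heuristics are assumptions)."""
import io
import re
import tarfile

# Labels worth a human look, each with an assumed heuristic regex.
SUSPICIOUS = {
    "subprocess/shell execution": re.compile(
        r"\b(subprocess\.(run|Popen|call|check_output)|os\.system|os\.popen)\b"),
    "PowerShell invocation": re.compile(r"powershell", re.IGNORECASE),
    "dynamic code execution": re.compile(r"\b(exec|eval)\s*\("),
    "base64 payload decoding": re.compile(r"base64\.b64decode|b64decode\("),
    "obfuscated import": re.compile(r"__import__\s*\("),
}


def scan_source(text):
    """Return the sorted labels of every suspicious pattern present in one file's text."""
    return sorted(label for label, rx in SUSPICIOUS.items() if rx.search(text))


def triage_sdist(archive_bytes):
    """Walk a gzip-compressed sdist tarball held in memory and report per-file hits
    plus package-level flags matching the three insertion techniques."""
    findings, code_files = {}, []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:gz") as tar:
        for member in tar.getmembers():
            # Only regular .py files are read; symlinks and data files are skipped.
            if not member.isfile() or not member.name.endswith(".py"):
                continue
            text = tar.extractfile(member).read().decode("utf-8", errors="replace")
            code_files.append(member.name)
            hits = scan_source(text)
            if hits:
                findings[member.name] = hits

    report = {"files": findings, "flags": []}
    for name, hits in findings.items():
        base = name.rsplit("/", 1)[-1]
        # Technique 2: install-time command execution from setup.py.
        if base == "setup.py" and (
                "subprocess/shell execution" in hits or "PowerShell invocation" in hits):
            report["flags"].append("setup.py runs external commands at install time")
        # Technique 1: a test module that decodes and executes embedded code.
        if "test" in base.lower() and (
                "dynamic code execution" in hits or "base64 payload decoding" in hits):
            report["flags"].append(f"test module {name} decodes and executes embedded code")
    # Technique 3: every module in the package is suspicious, nothing legitimate remains.
    if code_files and all(f in findings for f in code_files):
        report["flags"].append("no clean module: package contains only suspicious code")
    return report


def build_sample_sdist(include_clean_module=True):
    """Construct a toy sdist in memory (constructed sample, not a real package)."""
    files = {
        "demo-0.1/setup.py": (
            "from setuptools import setup\n"
            "import subprocess\n"
            "subprocess.run(['powershell', '-c', 'Write-Host hello'])\n"
            "setup(name='demo')\n"),
        "demo-0.1/demo/test_helper.py": (
            "import base64\n"
            "exec(base64.b64decode('cHJpbnQoJ2hpJyk='))\n"),  # decodes to print('hi')
    }
    if include_clean_module:
        files["demo-0.1/demo/__init__.py"] = "def add(a, b):\n    return a + b\n"
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, content in files.items():
            data = content.encode()
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


if __name__ == "__main__":
    for clean in (True, False):
        print(triage_sdist(build_sample_sdist(include_clean_module=clean)))
```

To apply this to a real package, fetch the sdist without installing it (`pip download --no-deps --no-binary :all: <package>`) and pass the downloaded tar.gz bytes to `triage_sdist`. A hit is a prompt to read the flagged file, not proof of malice: legitimate build scripts do call subprocess, and the string heuristics miss anything obfuscated beyond these simple patterns, so manual review remains the real control.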