Python package repository PyPI (Python Package Index) temporarily banned registration of new users and creation of new projects due to the continuous mass download of malicious packages during automated attacks. The block was introduced after 566 packages with malicious code, styled after 16 popular Python libraries, were uploaded to the repository on March 26 and 27.
The package names are formed using type squatting, i.e. assigning similar names that differ in individual characters, for example, temsorflow instead of tensorflow, requyests instead of requests, asyincio instead of asyncio, etc. When carrying out such attacks, attackers rely on inattentive users who made a typo or did not notice differences in the name when searching or following a link from forums and chats in which attackers leave deceptive instructions.
Advertisement
Malicious packages are based on the code of legitimate libraries, which contain individual changes that install malware into the system that searches for and sends confidential data and files containing passwords, access keys, crypto wallets, tokens and session Cookies. The malicious code is embedded in the setup.py file that is executed during package installation. During activation, the change made downloads the main malicious components from an external server.
Over the course of two days, attackers downloaded 29 malicious variants of the tensorflow package, 26 – BeautifulSoup, 26 – PyGame, 15 – SimpleJson, 38 – Matplotlib, 26 – PyTorch, 67 – CustomTKInter, 28 – selenium, 17 – playwright, 15 – asyncio and 67 – requirements. Additionally, isolated cases of counterfeiting of the requests, py-cord, colorama, capmonstercloudclient, pillow and bip-utils libraries were identified.
Separately noted attack on the community Top.gg, with 170 thousand users. During the attack, the attacker managed to compromise the GitHub account of one of the top.gg developers by stealing browser cookies. The attacker also added three packages to the PyPI repository and registered the domains pypihosted.org and pythanhosted.org, which hosted a mirror to distribute malicious package dependencies.
Through a hacked account in GitHub repository the top.gg project, which housed a Python wrapper over the Top.gg API, was introduced change, which adds the requirements.txt file. The file contained a list of downloadable dependencies, in which, under the guise of downloading a dependency from a mirror, there was a link to a malicious clone of the package “colorama“, hosted on the fake domain pypihosted.org, with the expectation that developers will not notice the difference from the legitimate domain pythonhosted.org, from which packages from PyPI are usually downloaded.
Advertisement
Thanks for reading: