Network Security, Vulnerability Management, Supply chain

PyPI halts new projects, users for 10 hours due to infostealer influx

Python website.

A malware upload campaign prompted the Python Package Index, aka PyPI, to temporarily suspend new user registrations and new project creations on March 28.

The suspension began at 2:16 UTC and was resolved the same day at 12:56 UTC, according to an official incident report.

The research team at Checkmarx wrote in a blog post that it was investigating a campaign of multiple malicious packages uploaded to the repository for software using the Python programming language that seemed to be related to the same threat actors. 

The campaign targeted victims with a typosquatting attack via a command line interface (CLI) to install Python packages that stole crypto wallets, browser data like cookies and extensions, as well as various other credentials.

The malicious payload used a persistence mechanism to survive reboots, noted the blog post by Yehuda Gelb, Jossef Harush Kadouri and Tzachi Zornshtain of the Checkmarx Security Research Team.

The researchers identified more than 220 packages related to the campaign, which bore misspelled names impersonating legitimate packages such as requests, pillow, asyncio, colorama and tensorflow.

The malicious code was in the packages’ file that, once installed, retrieved a payload from a remote server that delivered an infostealer to harvest sensitive data from the victim’s machine.

A screen image of the Python Package Index status page on March 28.

“The discovery of these malicious Python packages on PyPI highlights the ongoing nature of cybersecurity threats within the software development ecosystem,” the Checkmarx researchers concluded. “This incident is not an isolated case, and similar attacks targeting package repositories and software supply chains are likely to continue.”

Software supply chain, open-source ecosystem popular targets for malware

The incident is the second time this year that the PyPI repository had to be locked down from new users and projects due to malware.

From Dec. 27, 2023, to Jan. 2, 2024, PyPI suspended new user registrations due to an influx of malicious users and projects that staff said “outpaced our ability to respond to it in a timely fashion, especially with multiple PyPI administrators on leave.”

Similar shutdowns also occurred in late November to early December and for a few hours from May 20 to May 21, 2023.

Malware ranging from infostealers to ransomware have long proliferated in open-source package repositories including PyPI, NPM and NuGet, with some campaigns garnering tens of thousands of downloads before the packages are removed.

On Monday, Checkmarx also reported a supply chain attack affecting the 170,000-member GitHub organization of the popular Discord bot management platform, which involved the spread of malicious GitHub repositories and fake PyPI packages such as clones of colorama, distributed through typosquatted mirrors of legitimate Python infrastructure.

Earlier this month, PyPi added a new method to report malware packages directly on the repository’s website, rather than users needing to email PyPi support.

“We are lucky to have an engaged community of security researchers that help us keep the Python Package Index (PyPI) safe. These folks have been instrumental in helping us identify and remove malicious projects from the Index, and we are grateful for their continued support,” wrote Mike Fiedler, a PyPI administrator and safety & security engineer, in a post announcing the new feature.

A suspicious package designed for industrial systems that was discovered on the open-source NuGet .NET package repository this week also raised concerns about the potential misuse of software repositories for cyberespionage.

Stephen Weigand, managing editor and production manager for SC Media, contributed to this report.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.