Beware: Official Python repository found to contain malicious projects

BeeBright/Getty Images

PyPI is the official Python Package Index that currently contains 500,972 projects, 5,228,535 million releases, 9,950,103 million files, and 770,841 users. PyPI helps users locate and install software developed and released by the Python community as well as serving as a repository where developers can distribute their software.

Also: How to use ChatGPT to write code

Recently, cybersecurity specialist ESET discovered a series of malicious Python projects within PyPI, each of which deployed a customized backdoor containing cyberespionage functionality. The malicious code allowed file execution, file exfiltration, and the ability to take screenshots of a user’s screen in certain scenarios, as well as delivering the W4SP Stealer or a clipboard monitor that steals cryptocurrency in some cases. Over 10,000 downloads were recorded across 53 projects on PyPI, with 116 malicious packages being uploaded.

According to ESET researcher Marc-Etienne M. Léveillé, “Some malicious package names do look similar to other, legitimate packages, but we believe the main way they are installed by potential victims isn’t via typosquatting, but social engineering, where they are walked through running pip to install an ‘interesting’ package for whatever reason.” In his blog post “A pernicious potpourri of Python packages in PyPI,” M.Léveillé said, “PyPI continues to be abused by cyber attackers to compromise Python programmers’ devices.” He continues, “This campaign displays a variety of techniques being used to include malware in Python packages. Python developers should thoroughly vet the code they download, especially checking for these techniques, before installing it on their systems. As well as continuing to abuse the open-source W4SP Stealer, the operators have also deployed a simple, but effective, backdoor. We expect that such abuse of PyPI will continue and advise caution when installing code from any public software repository.”

By the time ESET published its findings, most of the packages had been taken down by PyPI, and all known malicious packages are now offline. The operators used three different techniques for the campaign: placing a test module with minimal, slightly obfuscated malicious code; embedding PowerShell code into the file; and including only malicious code in the package that is slightly obfuscated. On Windows, the backdoor was implemented in Python. On Linux, the backdoor used the Go language. Given how widespread Python is, developers should vet any third-party code they use before adding it to their projects. ESET firmly believes the abuse of PyPI will continue, and M.Léveillé went as far as advising caution in “installing code from any public software repo.”