The Python Package Index suspended new project creations and user registrations due to a wave of malicious package uploads. Service was restored to normal operations approximately ten hours later without revealing explicit details about the cause or actions taken.
PyPI Halts New Registrations Amid Supply Chain Attack
PyPI, which stands for Python Package Index, was recently subjected to a malicious attack. This is the leading source for apps and code libraries using Python programming. This service ranges from Fortune 500 corporations to independent developers. However, the attack disrupted the site and temporarily prompted it to halt the creation of new projects and user registration.
PyPI temporary suspension notification
In brief, the attack involved an influx of package uploads that executed malicious code on any installed device. This meant that any user who downloaded these packages was at risk of infecting their device with malware. After ten hours of suspension, PyPI restored all functionality. However, site representatives did not provide an explanation or details.
PyPI Malware Outbreak: Techniques and Tactics
According to the report, malicious packages were created using automation. The package names mimic those of popular packages and libraries like Requests, Pillow, and Colorama. Frauds embedded malicious code within the setup.py file of each package, which allows automatic execution upon installation. The attackers have employed a technique to conceal the code by obfuscating it and encrypting it using the Fernet encryption module. As soon as the package gets installed, the encrypted code is automatically executed, which triggers the malicious payload.
The malicious code further tries to retrieve an additional payload from a remote server. The URL for the payload is dynamically constructed by appending the package name as a query parameter. Though the vast majority of attack cases used funcaptcha[.]ru site as the command server. The retrieved payload is also encrypted using the Fernet module. The payload contains an infostealer that targets data stored in web browsers, such as login passwords, cookies, and cryptocurrency extensions. Additionally, there is a crypto hijacker that modifies the crypto wallets, routing the transactions to the . As usual, the malicious payload employs a persistence mechanism to ensure it remains active on the compromised system even after the initial execution.
Developers and Machine Learning In The Crosshair
Unfortunately, this is not a singular attack. Open-source repositories like GitHub, npm pack picks, and RubyGems are often targeted by supply chain attacks. Crooks cloning malicious packages are from legitimate ones and injected with hidden malicious code. For example, recently, researchers uncovered two such attacks on GitHub and Python that stole passwords and cryptocurrencies from developer devices.
Another worrying aspect here is the increased targeting of the machine learning industry. Python got extensive attention from all kinds of AI researchers, and a well-executed attack on them may have disastrous outcomes. Compromised ML datasets, leaked corporate secrets, and even “simple” access tokens and credentials – this is no joke. Considering how much money flows in the ML industry these days, the number of actors who’d try to fill their pockets in illegal ways will only rise.
Recommendations
To avoid such problems, you need to be vigilant. Developers and organizations interfacing with open-source repositories must adopt a proactive approach to cybersecurity. Verifying package authenticity, scrutinizing dependencies, and staying informed about emerging threat vectors are paramount. In addition, it is essential to have a robust anti-malware solution that will prevent malware from being deployed.
