PyPI repository restored after temporarily suspending new activity
Automated attack suspected as culprit
After temporarily suspending new user sign-ups and package uploads, the maintainers of the Python Package Index (PyPI), the official repository for open source Python packages, have now restored the registry.
In a notice released on 20th May, the PyPI admins said the number of malicious users and projects created on the index "in the past week" had exceeded their capacity to respond quickly, a problem made worse by the absence of several administrators.
While the admins didn't provide specific information about the malicious actions or actors, sources indicate that an automated attack might have been the cause.
"While we re-group over the weekend, new user and new project registration is temporarily suspended," the admins added.
The outage persisted for approximately 29 hours, and the status page now displays a message noting that the suspension had been lifted.
Similar to other open-source registries, PyPI has encountered instances of adversaries exploiting it to distribute malware.
A recent discovery by Israeli cybersecurity startup Phylum revealed an ongoing malware campaign that exploits OpenAI ChatGPT-themed lures.
The attackers use the lures to entice developers into downloading a malicious Python module. The module has the ability to extract clipboard content, allowing the attackers to hijack cryptocurrency transactions.
In a similar finding, two malicious packages were detected within the npm package repository. These packages were disguised as components of an open-source information stealer malware known as TurkoRat.
The packages, nodejs-encrypt-agent and nodejs-cookie-proxy-agent, were accessible for over two months before being discovered and removed. During that time, they were collectively downloaded around 1,200 times.
ReversingLabs, which analysed the campaign, said TurkoRat is an information stealer designed to collect sensitive data, including login credentials, website cookies and information from cryptocurrency wallets.
In March of this year, a malicious package called "colourfool" on PyPI was discovered distributing malware referred to as "Color-Blind" by risk consulting firm Kroll.
In the same month, Sonatype identified two PyPI packages named 'microsoft-helper' and 'reverse-shell' that were delivering information-stealing malware. The malware used Discord to exfiltrate the stolen data.
In January, package maintainers for open source framework PyTorch said a malicious dependency imitating one of its own was available on PyPI during the holiday season. The malicious package shared a name with torchtriton but included code that would upload sensitive data from a victim's machine.
In May 2022, analysts discovered a typo-squatting supply-chain attack targeting PyPI. The attack focused on the PyPI package "ctx" and a fork of the PHP library "phpass", with the intent of stealing AWS credentials.