Malicious Python packages found exfiltrating user data to Telegram bot
Appears to be part of a wider operation by crime gang based in Iraq, say Checkmarx researchers
Researchers at security vendor Checkmarx have uncovered an operation, apparently based in Iraq, that uses malware hosted on the Python repository PyPI to search for files on the victim's device and exfiltrate them to a Telegram bot.
The malicious packages, all of which now seem to have been removed from PyPI, were named testbrojct2, proxyfullscraper, proxyalhttp and proxyfullscrapers.
The packages contained an __init__.py file that harboured malicious code, designed to search for files with the .py, .php, .zip, .png, .jpg and .jpeg extensions in the root and DCIM folders, and forward them to a Telegram bot.
The malicious packages were uploaded to PyPI by a user called "dsfsdfds".
The Checkmarx researchers were able to gain access to the Telegram bot and observe its activities. According to a report by Checkmarx security researcher Yehuda Gelb, the bot has been active since 2022 and contains over 90,000 messages, mostly in Arabic.
Furthermore, the bot's operator was found to maintain several other bots, used for several different criminal activities, from spam and login fraud to theft.
"What initially appeared to be an isolated incident of malicious packages turned out to be just the tip of the iceberg, revealing a well-established criminal ecosystem based in Iraq," the report states.
"The ecosystem combines various nefarious activities through time," Gelb said in a statement emailed to Computing.
"The ones that we have detected so far have been: financial fraud, data exfiltration through malicious PyPI packages, possible identity theft (given the types of data stolen), and social media manipulation services."
Developers downloading the malware-laced Python packages risk having their data stolen, and users of any software built with them could be similarly at risk.
"This particular attack vector is not limited to end-users and can indeed impact enterprises as well," said Gelb. "While the initial compromise might occur on an individual developer's machine, the implications for enterprises can be significant."
This is far from the first time that malicious packages have been found on PyPI, which is a popular target for supply chain attacks, given the widespread use of Python.
In March, North Korean hacking group Lazarus was found to have uploaded malicious packages to the repository.
In 2022, compromised versions of ctx, a module that extends the built-in dictionary feature in Python and which was downloaded more than 20,000 times per week, and phpass, a password-hashing framework used in PHP applications, were discovered. In those cases, attackers had taken over packages that, while widely used, had apparently been abandoned by their developers.
Open source ecosystems will always be vulnerable to supply chain attacks, and users are advised to use vulnerability scanners and threat intelligence before deploying or updating third-party modules.
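One concrete form of the pre-deployment check recommended above, written here as an added example rather than code from Checkmarx or the article: a static scan of a downloaded package's __init__.py for the indicators the report describes (a Telegram bot API endpoint, the targeted file extensions, the DCIM folder, and filesystem enumeration that runs at import time). The indicator names, the regex and the SAMPLE_INIT stand-in are assumptions constructed for this example.

```python
"""Heuristic scan of a package's __init__.py for the indicators the report
describes; run on a downloaded, unpacked package before installing it."""
import ast
import re

TELEGRAM_BOT_RE = re.compile(r"api\.telegram\.org/bot", re.IGNORECASE)
TARGET_EXTS = {".py", ".php", ".zip", ".png", ".jpg", ".jpeg"}  # from the report
FS_ENUM_CALLS = {"walk", "listdir", "scandir", "glob", "rglob"}


def _string_literals(tree):
    for node in ast.walk(tree):
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            yield node.value


def _import_time_fs_enum(tree):
    """True if an fs-enumeration call sits outside any def/class (runs at import)."""
    for node in tree.body:
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef, ast.ClassDef)):
            continue
        for sub in ast.walk(node):
            if isinstance(sub, ast.Call):
                f = sub.func
                name = f.attr if isinstance(f, ast.Attribute) else getattr(f, "id", "")
                if name in FS_ENUM_CALLS:
                    return True
    return False


def scan_init_source(source):
    """Return the list of indicator names found in the given __init__.py text."""
    tree = ast.parse(source)
    literals = list(_string_literals(tree))
    findings = []
    if any(TELEGRAM_BOT_RE.search(s) for s in literals):
        findings.append("telegram-bot-api-endpoint")
    if len({s.lower() for s in literals} & TARGET_EXTS) >= 3:
        findings.append("targeted-file-extensions")
    if any("DCIM" in s for s in literals):
        findings.append("dcim-folder-reference")
    if _import_time_fs_enum(tree):
        findings.append("import-time-filesystem-enumeration")
    return findings


# Constructed stand-in that merely carries the indicator strings; not the real malware.
SAMPLE_INIT = '''
import os
BOT_URL = "https://api.telegram.org/bot<PLACEHOLDER_TOKEN>/sendDocument"
WANTED = [".py", ".php", ".zip", ".jpg"]
for _root, _dirs, _files in os.walk("/sdcard/DCIM"): pass
'''
```

The scan only parses the source and never imports it, which matters because the malicious behaviour in these packages was triggered by the import itself.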