Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label PyPI. Show all posts
Technology
Checkmarx Crypto Crypto Wallets cryptocurrency CyberCrime cybercriminals Cyberthreats PyPI Technology

PyPI Hosts Malicious Tools Targeting Crypto Wallets

 


During an investigation conducted recently, it was discovered that several malicious packages masquerading as services for recovering cryptocurrency wallets were found in the Python Package Index repository, revealing that they were spying on sensitive personal information and helping to steal cryptocurrency. A Checkmarx researcher described the attack as targeting Atomic, Trust Wallet, Metamask, Ronin, TronLink, Exodus, and many other prominent wallets within the crypto ecosystem in a report released on Tuesday. 

It was found that the packages presented themselves as tools that could extract mnemonic phrases and decrypt wallet data, suggesting that they could provide value to cryptocurrency users who are looking to recover or manage wallets" As long as cryptocurrencies remain a prime target for cybercriminals, they will continue to thrive in the ecosystem. 

The recent discovery of malicious packages located on the Python Package Index (PyPI) repository in the Python distribution has led to several tools that masquerade as tools that can help recover and manage crypto wallets. It is a fake tool that is used to steal sensitive information from users and facilitate the theft of valuable digital assets, among other things. 

According to Checkmarx researchers, there have been several malicious Python packages found on PyPI that attack users of leading cryptocurrency wallets like Atomic, Trust Wallet, MetaMask, Ronin, TronLink, and Exodus, as well as other popular apps. According to Checkmarx, the names of the packages in the Cryptocurrency ecosystem packages are deliberate efforts aimed at luring developers who are active in cryptocurrency ecosystems. 

The package descriptions on PyPI also came with links to installation instructions, examples on how to use them, and in one case, even an explanation of the "best practices" for virtual environments for installation. Again, this was meant to lend legitimacy to the libraries. Furthermore, the threat actor behind the campaign did more than simply deceive users about the popularity of the packages within the campaign, as they also displayed false download statistics, creating the impression that the packages were trustworthy and popular. 

In the identified PyPI packages, there was a dependency called cipherbcryptors that was required for the malicious code to be executed while in a few other cases, the Malware relied on ccl_leveldbases, which seemed to be an attempt to obfuscate the functionality by using another package. This is an important point to note in the case of the malicious functionality in the packages since the malicious functionality is only activated when certain functions are called, which is a departure from the typical pattern where such behaviour would be activated automatically by the installed package upon installation. 

An end-to-end process is then used to exfiltrate the data from the remote server into the hinterland. As Gelb explains, the attacker deployed an additional layer of security as he did not hard-code the address of their command-and-control server into any of the packages that were distributed. They had to rely on external sources to retrieve the information in a dynamic way rather than using internal resources. A technique commonly referred to as a dead drop resolver provides attackers with the flexibility to update the server information without having to update the packages themselves to take advantage of this type of attack. 

Furthermore, should the servers have to be taken down, it will make the process of switching between server infrastructures as simple as possible. This information has been collected to determine whether the attackers as part of their strategy to lure developers and end users will be successful. The author provides a great deal of information about the packages, including detailed descriptions, installation instructions, usage examples, and even best practices for running virtual machines at home. The hackers also manipulated download statistics to mislead the users into believing that the program was popular and trustworthy. 

It is noteworthy that the attackers used a technique known as a dead drop resolver to retrieve the addresses of their command and control servers efficiently. As a result of not hard-coding the server addresses within the packages, they will be able to update information about the servers without having to push new package versions, so security measures will be unable to detect and block the server updates. There was a recent discovery of fake crypto wallet recovery tools on PyPI. This underlines how cybercriminals are continuously evolving their tactics to target cryptocurrency and the crypto sector as a whole. 

The developers and users are equally responsible for safeguarding their digital assets, ensuring they are vigilant, practising due diligence when installing software packages, and utilizing security solutions such as Vulert to protect their assets. According to details revealed in August 2024, CryptoCore, an elaborate cryptocurrency scam that uses fake videos or hijacked accounts on social media platforms such as Facebook, Twitch, X, and YouTube as a method of tying users into selling their crypto assets under the guise of fast and easy profits, has been operating since August 2024. 

"This scam group and its giveaway campaigns will deceive users into sending their cryptocurrencies to the scammers' wallets by using deepfake technology, hijacked YouTube accounts, and professionally designed websites to deceive them into sending their cryptocurrencies to the scammers' wallets," Avast researcher Martin Chlumecký said. The most common way for scammers to convince potential victims that messages or events published online are official communications from trusted social media accounts or event pages is to persuade them to believe what is being posted online can be trusted. As a result, they can profit from the trust attached to the chosen brand, person, or event. 

Last week, a rogue Android app was impersonating the genuine WalletConnect protocol, which was used by the malware to steal around $70,00 in cryptocurrency by initiating fraudulent transactions from infected devices, as revealed by Check Point.
Read more »
Supply-chain
Cyber Attacks Cyber Hijack Cyber websites CyberCrime Cyberhackers JFrog Security malicious PyPI python Software Supply-chain

22,000 PyPI Packages Affected by Revival Hijack Supply-Chain Attack

 


It has been discovered that hackers can distribute malicious payloads easily and efficiently through the package repository on the PyPI website by using a simple and troublesome exploit. A JFrog security researcher has discovered a new supply chain attack technique using which they can attack PyPI repositories (Python Package Index) that can be used to hack them. 

Hundreds of thousands of software packages can potentially be affected by this attack technique and countless users could be affected as a result. A technique known as "Revival Hijack," exploits a policy loophole by which attackers may re-register the names of packages that have been removed from PyPI by their original developers and hijack the names themselves once the packages have been removed from PyPI. 

As part of an attack against the Python Package Index (PyPI) registry, a new supply chain attack technique has been uncovered in the wild, which is designed to infiltrate downstream organizations by exploiting the PyPI registry. There is an attack vector called "Revival Hijack" which involves the registration of a new project with a name that matches a package that has been removed from the PyPI platform which may then serve as an attack vector. 

If a threat actor manages to do this, then they will be able to distribute malicious code to developers who pull updates periodically. A software supply chain security firm named JFrog, which specializes in software supply chain security, has codenamed this attack method Revival Hijack, claiming to be able to hijack 22,000 existing PyPI packages, which in turn will result in hundreds of thousands of malicious packages being downloaded. 

There are more than 100,000 downloads or six months' worth of activity on the affected packages and are more susceptible to exploits. A very common technique used by Revival Hijack is to take advantage of the fact that victims are often unknowingly updating once-safe packages without being aware that they have been altered or compromised. Further, CI/CD machines are set up with a mechanism for automatically installing package updates so that they can be applied right away. 

A similar attack technique was discovered by Jfrog earlier this year, which is one of several different attacks that adversaries have been developing in recent years to try and sneak malware into enterprise environments using public code repositories like PyPI, npm, Maven Central, NuGet, and RubyGems, and to steal sensitive data. As a part of these attacks, popular repositories have often been cloned and infected, poisoning artifacts have been used, and leveraged leaked secrets such as private keys and database certificates have been revealed. 

According to JFrog researchers Brian Moussalli and Andrey Polkovnichenko, there is a much higher risk here than in previous software supply chain hacks that relied primarily on typosquatting and human error to distribute malicious code throughout software websites. When a developer decides to delete a project from PyPI, they are given a warning about the potential repercussions that may arise, including the Revival Hijack scenario that could occur. 

The dialogue warns that deleting this project will give the name of the project to anyone else who uses PyPI", so please refrain from doing so. In this scenario, the user will be able to issue new releases under the project name as long as the distribution files have not been renamed to match those from a previously released distribution. According to the motive of the attacker, the "Revival Hijack" attack vector can result in hundreds of thousands of increments as a result of the attack, depending on the motive. 

As far as exploiting this technique is concerned, it can be applied to exploiting abandoned package names to spread malware. Researchers observed this in action with the hijack of the "pingdomv3" package, which was detected by research teams. This package has been given the version number 0.0.0.1 to avoid a dependency confusion attack scenario, in which developer packages would be pulled by pip upgrade commands when they were run as a part of the upgrade process. 

In addition, it is worth noting that Revival Hijack has already been exploited in the wild, by an unknown threat actor called Jinnis who introduced a benign version of a package titled "pingdomv3" on March 30, 2024, just two days after the original package's owner (cheneyyan) removed it from PyPI. There has been a report that says the new developer has released an update containing a Base64-encoded payload, which checks for the presence of the "JENKINS_URL" environment variable, and if it exists, executes an unknown next-stage module retrieved from a remote server after checking for the appearance of the "JENKINS_URL." environment variable. 

Although JFrog proposed this precaution as a preventative measure, over the last three months it has received nearly 200,000 downloads both manually and automatically, proving that the Revival Hijack threat is very real, the security company announced. In making an analysis of this data, JFrog reported that there are outdated jobs and scripts out there that are still searching for the deleted packages, as well as users who manually downloaded these packages due to typosquatting. 

Depending on how the hijacked packages are hijacked, the adversaries may attach a high version number to each package, which will cause the CI/CD systems to automatically download the hijacked packages believing they are the latest version. This will ultimately cause a bug to develop, JFrog explained. As a result of the company's recommendation, PyPI has effectively prohibited the reuse of abandoned package names as well.

Some organizations use PyPI that need to be aware of this attack vector when updating to new versions of the package, JFrog warns. There is a non-public blacklist maintained by PyPI, which prevents certain names from being registered on new projects, but most deleted packages don't make it to that list because there is a non-public blacklist maintained by PyPI. It was due to this that the security firm took indirect measures to mitigate the "Revival Hijack" threat and added the most popular of the deleted and vulnerable packages to an account named security_holding under which they could be monitored. 

As a result of the researchers changing the version numbers of the abandoned packages to 0.0.0.1, they make sure that it does not affect active users while updating the packages. As a result, the package names are preserved and are not susceptible to theft by malicious actors who may want to use them for offensive purposes. The third month later, JFrog discovered that the packages in their repository seemed to have been downloaded by nearly 200,000 people due to automatic scripts or user errors. There are a lot more risks involved in "Revival Hijack" than the standard typosquatting attacks on PyPI. 

This is because users pulling updates for their selected projects for which they have permission do not make mistakes when doing so. It's best to mitigate this threat by utilizing package pinning to stay on a known secure version, verify the integrity of the package, audit its contents, and watch for any changes in package ownership or unusual updates.
Read more »
suspension
combat malware Malware Campaign new user registration PyPI suspension

PyPI Halts New User Registrations to Combat Malware Campaign

 

The Python Package Index (PyPI) has implemented a temporary halt on user registrations and the creation of new projects due to an ongoing malware scheme. PyPI serves as a central hub for Python projects, aiding developers in discovering and installing Python packages.

With a vast array of packages available, PyPI becomes an attractive target for malicious actors who often upload counterfeit or fraudulent packages, posing risks to software developers and potentially initiating supply-chain attacks. Consequently, PyPI administrators recently announced the suspension of new user registrations to address this malicious activity.

According to a report by Checkmarx, cyber threat actors began uploading 365 packages to PyPI, masquerading as legitimate projects. These packages contain malicious code within their 'setup.py' files, which triggers upon installation, attempting to retrieve additional harmful payloads from remote servers.

To avoid detection, the malicious code encrypts using the Fernet module, with the remote server's URL dynamically generated as required. The ultimate payload includes an information-stealing mechanism with persistent capabilities, targeting data stored in web browsers such as login credentials, cookies, and cryptocurrency extensions.

Checkmarx has published a comprehensive list of identified malicious entries, featuring numerous typosquatting variants of genuine packages. However, Check Point researchers reveal that the list of malicious packages exceeds 500 and was deployed in two phases. Each package originated from unique maintainer accounts with distinct names and email addresses.

The researchers note that each maintainer account uploaded only one package, suggesting the use of automation in orchestrating the attack. All entries shared the same version number, contained identical malicious code, and displayed randomly generated names.

This incident underscores the critical importance for software developers and package maintainers to rigorously verify the authenticity and security of components sourced from open-source repositories. Notably, this is not the first time PyPI has taken aggressive measures to protect its community from malicious submissions. Similar actions were taken on May 20 last year.
Read more »
Safety
Backdoor Cyber Security Data Safety data security PyPI python Safety

PyPI Enforces the Usage of Two-factor Authentication for All Software Publishes

 

The Python Package Index (PyPI) has stated that by the end of the year, every account that maintains a project on the system will be compelled to enable two-factor authentication (2FA). PyPI is a software repository for Python programming language packages. 

The index contains 200,000 packages, allowing developers to identify existing packages that meet specific project needs, saving time and effort. The PyPI team said the decision to make 2FA required for all accounts is part of their long-term commitment to strengthening platform security, and it supports earlier steps such as barring compromised credentials and enabling API tokens.

The reduced danger of supply chain assaults is one advantage of 2FA protection. These attacks occur when an intruder obtains authority over a software maintainer's account and installs a backdoor or malware to a package that is used as a dependency in other software projects.

Depending on the popularity of the product, such attacks may affect millions of people. While developers are responsible for thoroughly checking the building components of their projects, PyPI's measures should make it easier to avoid this type of issue.

Furthermore, in recent months, the Python project repository has been plagued by frequent virus uploads, famous package imitations, and the re-submission of dangerous code using hijacked identities.

The problem became so severe that PyPI was forced to temporarily halt new user and project registrations last week until an adequate defense solution could be designed and implemented. 2FA protection will help to lessen the problem of account takeover attempts, and it should also limit the number of new accounts a suspended user may create in order to re-upload dangerous packages. The deadline for implementing 2FA on all project and organization maintainer accounts is the end of 2023.

In the next months, impacted customers should prepare for and implement the additional security precaution, which may be accomplished using either a hardware key or an authentication app.

“The most important things you can do to prepare are to enable 2FA for your account as soon as possible, either with a security device (preferred) or an authentication app, and to switch to using either Trusted Publishers (preferred) or API tokens to upload to PyPI.” - PyPI

In accordance to the PyPI team, the preparatory work performed in previous months, such as introducing 'Trusted Publishing,' combined with parallel initiatives from platforms such as GitHub that have helped developers familiarise themselves with 2FA requirements, make this year an ideal time to introduce the measure.
Read more »
Spyware
Data Safety malware PyPI python Safety Security Spyware

Spyware Offered to Cyberattackers via PyPI Python Repository

 

Researchers spotted malware peddlers openly selling an info-stealer on the Python Package Index (PyPI) — the official, public repository for the Python programming language — with only the thinnest concealment.

The attackers, who Sonatype researchers linked to the SylexSquad malware-as-a-service (MaaS) gang in Spain, gave their programme a not-so-subtle name: "reverse-shell." Reverse shells are programmes that are often used by hackers to run commands remotely and receive data from targeted machines.

"I think what's quite funny about this is that it's just so blatant," says Dan Conn, developer advocate at Sonatype. "Perhaps SylexSquad were advertising themselves, or they simply didn't care about being caught."

Inside the'reverse-shell' Data-Heisting Malware

Sonatype researchers were taken aback when they discovered a package dubbed "reverse-shell" on a public forum. "Why would someone name a malicious package in such a blatantly obvious way?" the researchers pondered in their blog article for Malware Monthly.

In actuality, the programme turned out to be much more than a reverse shell. This was revealed when the researchers studied one of its files, "WindowsDefender.py." WindowsDefender.py contains several routines with apparent names, such as get_login_data(), get_web_history(),get_downloads(),get_cookies(),get_credit_cards(),ImageGrab.grab().

According to the theme, the hackers had not gone to great lengths to conceal their intentions: this was malware designed to steal information.

"With no obfuscation, [this] appears to be a Discord bot that executes commands and performs actions on the infected machine," according to the analysis. "The malware can retrieve cookies, take screenshots, run shell commands, steal browsing history, and send all this data to the attacker's Discord channel."

More information can be found in another file called "setup.py." There were multiple Spanish-language instructions here to "Clone GitHub repository and execute file," "replace with URL of your GitHub repository," and "path where you want to clone the repo" — indicating that reverse-shell was a MaaS product.

Further investigation revealed several "Made by SylexSquad" tags sprinkled throughout the code, some of which was minimally obfuscated. The researchers discovered that SylexSquad was formerly a hacking marketplace running on the Sellix e-commerce platform in 2022. It has subsequently been decommissioned.

Publishing so publicly to a public repo could have been a deliberate attempt by the organisation to draw attention to their product. "How do we know about groups like Anonymous, LulzSec, or Killnet?" Conn inquires rhetorically. "It's because they get a bad reputation."

However, PyPI is considerably more valuable to them than that.

Why Do Hackers Use Public Repositories?

According to Sonatype, the SylexSquad attackers aren't the only miscreants using forums like PyPI and GitHub, and there are a variety of reasons for their audacity.

"Hosting malicious files on a public repository provides bad actors more control over them," the researchers explained in their blog. "It gives them the power of deleting, upgrading, or even doing version control of the payload."

Among other benefits, "it allows the malware to be shared a lot more widely," Conn elaborates, "and it might actually trip up, in particular, a lot of antivirus software that uses generic signatures — like, actual bytes — to store whether something is malicious or not."

In other words, rather of sending malware upfront, which antivirus scanners may detect fast, hackers can just provide a link to their harmful code elsewhere: "By providing a link to a GitHub, they're perhaps evading that check,"" he says.

To avoid becoming a hotspot for hackers, public repositories have protection safeguards in place. Even the finest scanners and moderators are not perfect, and they cannot be everywhere at the same time.

"Hackers take certain measures like encoding or otherwise obfuscating the code they host, to make it a little bit more difficult for automated engines to pick up," Juan Aguirre, security researcher at Sonatype, points out. SylexSquad encoded its malicious software as numbers in this example, utilising easily reversible ASCII codes for each character.

Sonatype reported the package to the PyPI maintainers, and it was removed. But "it's just a game of cat and mouse," Aguirre says. "Someone catches them and they just run to the next spot."

Aguirre sees this tale as part of a larger issue with open source software: as long as malware developers find use in public repositories, organisations must be conscious of the types of packages they may be picking up.

"It's important to understand what it is that you're running," he concludes. "This is a great case for that. You have to have a bill of materials, you've got to know what you're doing, and what dependencies you're using. If you're just blindly installing things and grabbing code you see, things like this could very easily get into your system."


Read more »
User Privacy
AWS Keys AWS S3 GitHub malware Phishing Attack PyPI Secret Keys User Privacy

PyPl Hosting Malware and AWS Keys 

 

The Python package repository PyPI was discovered to be hosting malware and AWS keys. Tom Forbes, a software developer, created a Rust-based application that searched all new PyPI packages for AWS API keys. The tool returned 57 successful results, some from Louisiana University, Stanford, Portland, Amazon, Intel, and Stanford.

Forbes explains that his scanner searches for AWS keys in fresh releases from PyPI, HexPM, and RubyGems on a recurring basis using GitHub Actions. If it does, it creates a report containing the pertinent information and commits it to the AWS-cred-scanner repository.

According to Forbes' article, "The report comprises the keys that have been found, as well as public link to the keys and additional metadata regarding the release." Github's Secret Scanning service engages because these keys have been uploaded to a public GitHub repository, alerting AWS that the keys have been compromised.

As per Forbes, "It relies on the specific rights granted to the key itself. Other keys I discovered in PyPI were root keys, which are equally permitted to perform any action. The key I discovered that was leaked by InfoSys in November had full admin access, meaning it can do anything. If these keys were stolen, an attacker would have unrestricted access to the associated AWS account."

He claimed that other keys might have more circumscribed but nonetheless excessive permissions. For instance, he claimed it frequently happens that a key meant to grant access to just one AWS S3 storage bucket has unintentionally been configured to give access to every S3 bucket connected to that account.

GitHub's automated key scanning, which includes keys in npm packages, is cited by Forbes as an effective tool. Expressions that GitHub employs to search for secrets are sensitive and cannot be made public. As a result, PyPI and other third parties are basically unable to leverage this decent infrastructure without providing all of the PyPI-published code to GitHub. Further, Forbes recommended that businesses carefully consider their security procedures.

Cybersecurity firm Phylum reported that it uncovered a remote access trojan dubbed pyrologin in a PyPI package in December. Last month, ReversingLabs, another security company, also discovered a malicious PyPI package: the malware was disguising itself as an SDK from SentinelOne, a different security company. And in November, W4SP malware was discovered in dozens of recently released PyPI packages.3,653 harmful code blocks were eliminated as a result of a large-scale malware culling carried out by PyPI in March 2021. 

As a result, AWS creates a support ticket to alert the guilty developer and implements a quarantine policy to reduce the risk of key misuse. However, the issue is that an unethical person might produce comparable scanning software with the intention of abusing and exploiting others. 


Read more »
Software Supply Chain
Data Privacy Discord malware PowerRAT PyPI Safety Security Server Software Supply Chain

The PoweRAT Malware Attacks PyPI Users

 

The software supply chain security company Phylum has discovered a malicious assault using the PoweRAT backdoor and an information thief that targets users of the Python Package Index (PyPI). The campaign was initially discovered on December 22, 2022, when PyroLogin, a malicious Python programme made to retrieve code from a remote server and silently execute it, was discovered.

The EasyTimeStamp, Discorder, Discord-dev, Style.py, and PythonStyles packages all had code that was comparable to PyroLogin, and they were all released to PyPI between December 28 and December 31.

The infection chain starts with a setup.py file, which means that the malware is automatically deployed if the malicious packages are installed using Pip. The infection chain involves the execution of numerous scripts and the exploitation of legitimate operating system features.

The execution process was examined by Phylum, who found attempts to avoid static analysis and the usage of obfuscation. While the malicious code is being performed in the background, a message indicating that "dependencies" are being installed is displayed in order to avoid raising the suspicion of the victims.

The infection chain also involves the setup of numerous potentially harmful programs, the placement of malicious code into the Windows starting folder for persistence, and libraries that let the attackers manipulate, monitor, and record mouse and keyboard input.

Once the virus is installed on the victim's computer, it gives the attackers access to sensitive data such as browser cookies and passwords, digital currency wallets, Discord tokens, and Telegram data. A ZIP archive containing the collected data is exfiltrated.

Additionally, the malware tries to download and install Cloudflare. This Cloudflare command-line tunnel client enables attackers to access a Flask app on the victim's machine without changing the firewall, on the victim's computer.

Using the Flask app as a command-and-control (C&C) client, the attackers can run shell commands, download and execute remote files, and even execute arbitrary Python code in addition to extracting information like usernames, IP addresses, and machine specifics.

The malware, which combines the capabilities of an information thief and a remote access trojan (RAT), also has a feature that sends an ongoing stream of screenshots of the victim's screen to the attackers, enabling them to cause mouse clicks and button presses. Phylum named the malware PoweRAT instead of Xrat "because of its early reliance on PowerShell in the attack chain."

Phylum concludes, "This thing is like a RAT on steroids. It has all the basic RAT capabilities built into a nice web GUI with a rudimentary remote desktop capability and a stealer to boot! Even if the attacker fails to establish persistence or fails to get the remote desktop utility working, the stealer portion will still ship off whatever it found.” 
Read more »
Torchitron
Cyber Security PyPI PyTorch Torchitron

PyTorch Reveals Harmful "Dependency" Strain Compromise over Holidays


What is Torchitron?

PyTorch has found a harmful dependency with the same name as the framework's 'torchtriton' archive. This resulted in an executable compromise through the dependency confusion attack vector. 

PyTorch administrators have warned users that installed PyTorch-nightly during the holidays to remove the framework and the fake torchtriton dependency. From natural language processing to computer vision, the open-source machine learning framework PyTorch has been prominent in both academic and commercial sectors. 

As per PyTorch advisory, at around 4:40 pm GMT on December 30, it learned about a malicious dependency package (torchtriton) that was uploaded to the Python Package Index (PyPI) code repository with the same package name as the one we ship on the PyTorch nightly package index. 

Since the PyPI index takes precedence, this malicious package was installed instead of the version from our official repository. This design enables somebody to register a box by the same name as one that exists in a third-party index, and pip will install their version by default.

This malicious package has the same name torchtriton but added code that uploads sensitive data from the machine. 

Malicious library attacks PyTorch-nightly users

From 25th December to 30th December 2022, users who installed PyTorch-nightly should ensure their systems were not attacked. The warning comes after a torchtriton dependency surfaces over the holidays on the Python Package Index (PyPI) registry, the official third-party software repository dedicated to Python. The PyTorch team recommends "uninstalling it and torchtriton immediately, and using the latest nightly binaries (newer than Dec 30th, 2022)." 

The harmful torchtriton dependency in the PyPI has the same name as the official library posted on PyTorch-nightly's repo. However, while retrieving dependencies in the Python ecosystem, PyPI generally comes ahead, making the malicious package to get attracted to your system instead of PyTorch's open platform. 

Sensitive files compromised claims report

Along with surveying your system for basic fingerprinting like IP address, current working directory, and username, Torchtriton also steals sensitive data.

The main function of the malicious PyPI Triton binary is:

Get system information

  • nameservers from /etc/resolv.conf
  • hostname from gethostname()
  • current username from getlogin()
  • current working directory name from getcwd()
  • environment variables

Read the following files

  • /etc/hosts
  • /etc/passwd
  • The first 1,000 files in $HOME/*
  • $HOME/.gitconfig
  • $HOME/.ssh/*

The malicious binary then uploads all this data (including file contents) to the domain *.h4ck[.]cfd, using the DNS server wheezy[.]io. 

PyTorch has taken the following steps to control the impact:

  • Torchtriton has been removed as a dependency for its nightly packages and replaced with pytorch-triton (pytorch/pytorch#91539) and a dummy package registered on PyPI (so that this issue doesn’t repeat).
  • All nightly packages that depend on torchtriton have been removed from its package indices at https://download.pytorch.org until further notice.
  • It has reached out to the PyPI security team to get proper ownership of the torchtriton package on PyPI and to delete the malicious version.



Read more »
User Security
Cyber Attacks Phishing Attacks PyPI Supply Chain Attack User Security

JuiceLedger Attacker Linked to Phishing Attacks Targeting PyPI Users

 

Threat analysts at SentinelOne and Checkmarx have unearthed the hacker behind the recently launched phishing attacks targeting Python Package Index (PyPI) users. 

Earlier this week on Thursday, researchers disclosed that the supply chain attacks were part of a larger campaign aimed at spreading the JuiceStealer credential-stealing malware since late last year. 

Initially, JuiceStealer was deployed via a methodology called typosquatting, in which the hacker tracked as JuiceLedger injected PyPI with hundreds of packages that nearly impersonated the names of popular ones, in the hopes that some users would fall into a trap and install them. 

The malware was identified on VirusTotal in February when the hacker submitted a Python app that secretly installed the malware. JuiceStealer is developed using the .Net programming framework to steal sensitive data from victims’ browsers. Based on the data extracted from the code, the researchers have linked the malware to activity that started in late 2021 and has evolved rapidly since then. One likely connection is to Nowblox, a fraud site that claimed to offer free Robux, the online currency for the game Roblox. 

Recently, the hacker started employing crypto-themed fake apps such as the Tesla Trading bot, which was deployed in zip files accompanying additional legitimate software. 

"JuiceLedger appears to have evolved very quickly from opportunistic, small-scale infections only a few months ago to conducting a supply chain attack on a major software distributor," the researchers wrote in a post. "The escalation in complexity in the attack on PyPI contributors, involving a targeted phishing campaign, hundreds of typosquatting packages, and account takeovers of trusted developers, indicates that the threat actor has time and resources at their disposal." 

With account takeover attacks becoming a popular technique for hackers looking to exploit software supply chains, PyPI has started imposing a mandatory two-factor authentication (2FA) requirement for projects deemed "critical." People downloading packages from PyPI—or any other open-source repository—should remain vigilant to ensure the software they're downloading is authentic. 

PyPI is by far not the sole code repository that threat actors have exploited recently. Security vendors have reported multiple identical attack incidents involving other widely employed registries such as npm and Maven Central. 

“Given the widespread use of PyPI and other open source packages in enterprise environments, attacks such as these are a cause of concern, and security teams are urged to review the provided indicators and take appropriate mitigation measures,” researchers added.
Read more »
Windows Defender
AWS Data Breach Firewall NPM Package Phishing Attacks PyPI Windows Defender

Python Libraries Hacked AWS Data and Keys  

 

Sonatype researchers have found malicious Python packages that post your AWS credentials and user characteristics to a publicly accessible endpoint rather than just exploiting sensitive data. Some malicious packages with the Sonatypes are as follows:
  • loglib-modules — seems targeted at coders who are familiar with the authentic "loglib library."
  • pyg-modules — seems aimed at coders who are familiar with the basic "pyg" library.
  • Pygrata:Unknown target, pygrata-utils contains identically noxious code to that found in "loglib-modules." 
  • hkg-sol-utils: Unknown goal 

The anti-ransomware detection technology provided by Sonatype as part of Nexus platform products, such as Nexus Firewall, found these packages. Researchers found these packages to be harmful after further analysis, thus, out of precaution, they reported this to the PyPI security team, so these packages were withdrawn. "This kind of package either has code that reads and phishes your secrets or employs a dependency that does it”, according to an analysis by   Sonatype security researchers Jorge Cardona and Carlos Fernández. 

For instance, the malicious software in the packages "loglib-modules" and "pygrata-utils" enables the programs to gather AWS credentials, network interface data, and environment variables and ship them to a remote location. IAM role details for an EC2 cloud instance are reported to be returned using the URL 'hxxp:/169.254.169[.]254/latest/meta-data/iam/security-credentials/'. 

Unsettlingly, there are hundreds of endpoints holding this data. Since TXT files were not encrypted by any security measures, anyone with access to the internet could essentially access these credentials. It's vital to know that packages like "pygrata" depend on one of the two aforementioned modules rather than containing the code themselves. It is still unknown who the malicious actors are and what propels them. 
 
Users of Nexus Firewall are shielded 

If the stolen credentials posted online on purpose or as a result of bad opsec procedures? There isn't enough information available right now to rule out the possibility that this action is suspect, even if it is valid security testing as per researchers. This finding comes after the report last week of several malicious vendors, including the npm package "flame-vali," which repeatedly tried to disable Windows Defender before releasing a trojan.

The software supply chain will be safeguarded from the start thanks to Nexus Firewall instances that immediately quarantine any suspect components found by automated malware detection systems while a subjective evaluation by a researcher is being prepared.
Read more »
Typo Squatting
Cyber Security Info Stealer Password Stealer PyPI Typo Squatting

Info Stealer Identified in a PyPI Package

 

GitHub user duxinglin1 has identified three PyPI packages 'keep,' 'pyanxdns,' and 'api-res-py' using a malicious dependency, 'request,' 

Last month, duxinglin1 uncovered the vulnerable versions containing the misspelled 'request' dependency, rather than the authentic 'requests' library. CVEs assigned to the susceptible versions include: 

• CVE-2022-30877 - 'keep' version 1.2 contains the backdoor 'request', 
• CVE-2022-30882 - 'pyanxdns' version 0.2 impacted 
• CVE-2022-31313 - 'api-res-py' version 0.1 impacted 

According to duxinglin1, the risk with the ‘Keep’ package is pretty high as it particularly receives over 8,000 downloads per week on average, while it is quite opposite with 'pyanxdns' and 'api-res-py' as they are small-scale projects. 

Two years back in 2020, Tencent Onion Anti-Intrusion System unearthed a malicious typosquat 'request' uploaded to the PyPI registry which copied the requests HTTP library but surprisingly dropped malicious info-stealers. 

"We found a malicious backdoor in version 1.2 of this project, and its malicious backdoor is the request package. Even if the request package was removed by PyPI, many mirror sites did not completely delete this package, so it could still be installed,” duxinglin1 explained. The malicious backdoor inside the counterfeit 'request' includes a base64-encoded URL to the 'check.so'. 

The file 'check.so' is loaded with a Remote Access Trojan (RAT), while 'x.pyx' contains data theft malware that exfiltrates cookies and private data from web browsers like Chrome, Firefox, Yandex, Brave, and others. Subsequently, the hackers with access to user credentials attempt to exploit other accounts employed by the developer, potentially leading to additional supply-chain attacks. 

When Bleeping Computer contacted the developers of each of these packages to identify whether this was due to a simple typographical error, or hijacking of maintainer accounts. The author of 'pyanxdns', Marky Egebäck, confirmed this was a result of a typographical error rather than an account compromise. 

Additionally, it appears that the developers of the other two packages also introduced 'request' rather than the legitimate 'requests' due to an innocent typing error. 

"Sorry to say by a simple typo in the setup.py file since git history shows that this was added when the install requires was added by me. This was [an] honest mistake based on a typo in the setup.py. I generally don’t publish things on PyPI but I made this quickly for a friend and myself. Not sure if he has promoted this but the purpose was mainly for personal use in [an] internal docker project," stated Egebäck.
Read more »
Python Package
Cyber Security Discord Malicious Codes PyPI Python Package

11 Malicious Python Packages Uncovered by Researchers

 

Researchers have found 11 malicious Python packages which have been installed more than 41,000 times from the Python Package Index (PyPI) repository that might be used to obtain Discord access tokens, passwords, and even stage dependency misunderstanding attacks. 

These Python packages have now been withdrawn from the repository as a result of JFrog's responsible disclosure —
  • important package / important-package 
  • pptest 
  • ipboards 
  • owlmoon 
  • DiscordSafety 
  • \trrfab 
  • 10Cent10 / 10Cent11 
  • yandex-yt 
  • yiffparty 

Two of the programs ("importantpackage," "10Cent10," and their variants) were discovered to gain a reverse shell upon that compromised system, granting the attacker total control over an affected system. Using a technique known as dependency confusion or namespace confusion, two additional packages, "ipboards" as well as "trrfab" masqueraded as valid dependencies intended to be immediately imported. 

Apart from typosquatting attacks, in which a threat actor purposefully discloses packages with misspelled names of popular variants, dependency confusion works by posting poisoned elements with the same names as valid internal private packages, although with a higher version as well as posted online to public repositories, basically forcing the target's package manager to download and install the nefarious module. 

The dependency "importantpackage" is particularly notable for its new network-based detection technique, which involves exploiting Fastly's the content delivery network (CDN) to disguise connections with the attacker-controlled server as interactions with pypi[.]org. 

The malicious code "causes an HTTPS request to be sent to pypi.python[.]org (which is indistinguishable from a legitimate request to PyPI), which later gets rerouted by the CDN as an HTTP request to the [command-and-control] server," JFrog researchers Andrey Polkovnychenko and Shachar Menashe noted. 

Eventually, both "ipboards" and a fifth package known as "pptest" were revealed to use DNS tunneling as a data exfiltration technique, depending on DNS requests as a means of communicating between both the victim PC and the remote server. According to JFrog, this is the first time the approach has been discovered in malware posted to PyPI. 

Targeting prominent code registries such as Node Package Manager (NPM) JavaScript registry, PyPI, and RubyGems has become routine, opening up a new arena for a variety of assaults. 

"Package managers are a growing and powerful vector for the unintentional installation of malicious code, and […] attackers are getting more sophisticated in their approach," said Menashe, JFrog's senior director of research. "The advanced evasion techniques used in these malware packages, such as novel exfiltration or even DNS tunneling signal a disturbing trend that attackers are becoming stealthier in their attacks on open-source software."
Read more »
Python Package
code execution Cyber Security PyPI Python Package

‘mitmproxy2’ Removed by PyPI due to Code Execution Issues

 

A Python package called 'mitmproxy2' was pulled off from the PyPI repository because it was a replica of the official "mitmproxy" library, though with an "artificially introduced" code execution flaw. 

The official Python library 'mitmproxy' is a free and open-source engaging HTTPS proxy that gets over 40,000 weekly downloads. 

Mitmproxy is an open-source proxy program that uses a man-in-the-middle technique to monitor HTTP and HTTPS connections between any HTTP(S) client (such as a mobile or desktop browser) and a web server (MITM).

Maximilian Hils, one of the developers of the 'mitmproxy' Python library, brought everyone else's attention to a fake'mitmproxy2' package submitted to PyPI, on the 11th of October. "mitmproxy2" is near "the same as regular mitmproxy, but with an artificial RCE vulnerability included." 

As Hils told Bleeping Computer, his biggest worry is that certain software developers would misunderstand 'mitmproxy2' for a newer version of 'mitmproxy,' resulting in vulnerable code being accidentally included in their products. Whilst investigating an unconnected PyPI warehouse problem, Hils came across this imitation package via "happy little accident". 

"When you run mitmproxy's web interface, we expose an HTTP API for that. If you remove all safeguards from that API, everyone on the same network can execute code on your machine with a single HTTP request," Hils told Bleeping Computer in an email interview. 

It's also unclear if the person who released the copycat 'mitmproxy2' software did the same with malevolent purposes or just because of poor coding techniques. It would have been much easier to just put some harmful code that is immediately executed upon installation. 

However, the issue is that if one uploads it to PyPI as 'mitmproxy2' with a version number that says it's newer/superseded, users will undoubtedly download it without realizing the changes. 

While investigating 'mitmproxy2,' BleepingComputer noticed that a new package called 'mitmproxy-iframe' had also arrived on the PyPI repository less than a day after 'mitmproxy2' was deleted. 

Since anyone can upload packages to open-source ecosystems, cybersecurity threats and attacks such as virus injection, typosquatting, brandjacking, and dependency misunderstanding have increased significantly in recent years. 

Such "whack-a-mole" problems will always repeat themselves unless actual validations are implemented by open-source registries.
Read more »
python
Cyber Security Developer Data Malicious actor PyPI python

Malevolent PyPI Packages Detected Filching Developer Data

 

Repositories of software packages have become a frequent target for supply chain attacks. Reports concerning malware attacks on prominent repository systems like npm, PyPI, and RubyGems have been recently surfacing. Programmers completely trust repositories and install packages from such sources, provided that they are trustworthy. 

Malware packages may be posted to the package repository, permitting malicious actors to leverage repository systems to propagate viruses and start successful attacks both on developers and CI/CD machines in the pipeline. 

Eight Python packages that have been installed more than 30,000 times have been deleted from the PyPI portal with malicious code, demonstrating again how software package repositories have developed into a hub for a popular supply chain attack. 

The dearth of moderation and automated security safeguards in public software repositories enables relatively unfamiliar attackers, through typosquatting, dependency misunderstanding, or basic social engineering attempts, to utilize them as a base to disseminate malware. 

PyPI is Python's primary third-party software repository, which has package manager utilities, such as pip, as its default package and dependency source. 

Several of the packages could have been used for more complex threats, allowing the attacker to implement remote code on the target device, collect network data, plunder credit card details, and autosaved passwords in browsers like Chrome and Edge, and sometimes even steal Discord authentication tokens to impersonate the victim. 

PyPI is not alone in software package repositories that appear as a potential attack surface to invasions, with rogue packages identified in npm and RubyGems that might potentially damage a complete system or be a useful jump-off point to deepen the network of a victim. 

"The continued discovery of malicious software packages in popular repositories like PyPI is an alarming trend that can lead to widespread supply chain attacks," said JFrog CTO Asaf Karas. "The ability for attackers to use simple obfuscation techniques to introduce malware means developers have to be concerned and vigilant. This is a systemic threat, and it needs to be actively addressed on several layers, both by the maintainers of software repositories and by the developers." 

Mostly on the programmers' side, precautionary action must form an important part of any CI/CD pipeline, including the confirmation of the signature in the library and the use of automated security instruments that analyze problematic code suggestions included inside the project. Automated tools like these may warn users about the use of harmful code.
Read more »
PyPI
Cyber Security malacious Packages PyPI

Python Package Index Repository Detected With Multiple Malicious Packages

 

In the PyPI repository for Python projects that transformed workstations developers into crypto mining machines, many malicious packaging were captured this week. 

All malicious packages were uploaded on the very same account and the developers tried to install them by using the wrong names for the genuine Python projects, thousands of times. The Python Package Index is the official third-party 

Python software repository is stylized as PyPI and is also referred to as the Cheese Shop. It's the same as CPAN, Perl's repository. Some package managers, notably pip, use PyPI for packages as the default source. 

In April, a total of six harmful packages were infiltrated with the Python Package Index (PyPI) - maratlib, maratlib1, matplatlib-plus, mllearnlib, mplatlib, learning lab. Everything comes from "nedog123" and also most names are misspelled versions of the genuine plot program matplotlib. The "maratlib" packet was evaluated by Ax Sharma, a security researcher at Sonatype, in a blog post. He said the packages were utilized for other malicious components to make them dependent. 

The researcher writes, “For each of these packages, the malicious code is contained in the setup.py file which is a build script that runs during a package’s installation.” Sharma determined that it was attempting to download a Bash script (aza2.sh) from a non-existent GitHub repository during the analyses. 

The author's aliases were tracked by Sharma on GitHub using open-source intelligence and learned that the script's job was to operate an "Ubqminer" crypto miner on the compromised machine. 

The researcher also observes that the creator of malware altered the standard Kryptex wallet address with his own to mine for Ubiq cryptocurrency (UBQ). The script has another crypto mining program in a separate version, the open-source T-Rex that uses GPU power. 

Attackers routinely target open-source code repositories such as PyPI [1, 2, 3], NPM for NodeJS [1, 2, 3], or RubyGems. Although the detection is minimal when there is are low downloads, as usual, there is a major risk that developers would incorporate the malicious code occasionally utilized in applications.
Read more »
spammers
Cyber Attacks GitLab PyPI shady websites spammers

PyPI and GitLab Witness Spam Attacks

 

The GitLab, a source code hosting website, and the Python Package Index (PyPI) portal both are flooded with advertisements for shady websites and assorted services by the spammers. However, both the attacks have no links to each other. 

The PyPI attack in which it is flooded with more than 10,000 listings is the biggest of the two attacks. The Python Package Index (PyPI) is a Python programming language software repository. PyPI allows the user to search and install Python community applications. To deliver their applications, package developers use PyPI. It also hosts tens of thousands of Python libraries. The fact that anybody can create entries in PyPI's website for Python Libraries, which were essentially used as massive SEO advertising for various shady pages, lately has been misused by the spammers. 

These pages typically featured a broth of search-engine-friendly keywords for different topics that varied from games to pornography and films to presents, and a compressed link at the bottom, mostly pointing to a platform attempting to receive data from the payments card. Though the PyPI team has accepted and affirmed that they are aware of the SEO spam flood. "Our admins are working to address the spam," stated Ewa Jodlowska, Executive Director of the Python Software Foundation. She further added, "By the nature of pypi.org, anyone can publish to it, so it is relatively common." 

Although the PyPI spam attack seems to have been going on for at least a month, another new attack has been found at GitLab, a website that allows developers and companies to host and sync the work on source code repositories. A danger that is still unidentified seems to spam the Issues Tracker for thousands of GitLab ventures that each prompted an e-mail to account owners with spam contents. Similar to PyPI spam, these comments have diverted users to shady websites. 

Certainly, GitLab was not prepared for any such attack since the e-mail infrastructure had slackened, interrupted, and queued legit e-mails according to an incident status report published by the company. They said, “We confirmed that mail latency was caused by a user’s spam attack. Mitigation is in progress, as we drain the offending job processing queues.” 

Spamming source code repository seems to be a new strategy for spamming communities, who have generically targeted their comments of shady links on websites, forums, and news portals in recent years. Although spam isn't an attractive attack vector, many businesses frequently struggle to protect servers, web applications and subdomains and often end up exploiting these services to host or actually participate in spam attacks.
Read more »
Subscribe to: Posts (Atom)