Python developers have been urged to remain vigilant over a highly sophisticated malware campaign targeting the software supply chain.
The campaign, which combines a number of TTPs to covertly steal sensitive data, was revealed by researchers at security firm CheckMarx and is believed to have impacted more than 170,000 users so far.
Checkmarx found hackers are using distributed malicious versions of open source tools with clickbait descriptions to trick victims searching for popular development software.
Threat actors used a website disguised as a python package mirror, using URL hijacking techniques like typosquatting to mimic the official python mirror where authentic artefact files of PyPi packages are usually stored.
The attackers used a feature in the python package manager pip to dictate the URL from which the manager will take other package dependencies, providing their fake python mirror as the source for downloading packages.
For example, the fake python mirror hosts a poisoned version of the highly popular tool Colorama, which has over 150 million monthly downloads.
Threat actors embedded the harmful payload within Colorama via space-padding, making it extremely difficult for the average developer to spot any malicious potential in what appears to be a legitimate dependency.
In November 2022, a PyPi user named ‘felpes’ added three packages that contained malicious code to the package index.
The typosquatting domain ‘pypihosted[.]org’ was registered by the threat actor on 1 February 2024 and one month later a contributor to the popular top.gg search and discovery platform for Discord.
The user in question, editor-syntax was an influential maintainer of top.gg, which boasted a community of over 170,000 users, and the hackers were able to hijack this account and use its reputation to push malicious commits to popular repositories.
When successfully deployed, the malware targets a number of popular software applications, stealing sensitive information such as browser data, Discord data, cryptocurrency wallets, Telegram sessions, computer files, and Instagram data.
Python developers need change habits to avoid future supply chain attacks
The attack takes advantage of the trust built up in the development community, according to Checkmarx, which concluded that this trust ultimately enabled the malware to be distributed onto unsuspecting developers relying on the integrity of the python package ecosystem.
“By manipulating the package installation process and exploiting the trust users place in the Python package ecosystem, the attacker ensured that the malicious "colorama" package would be installed whenever the malicious dependency was specified in the project's requirements. “
Checkmarx said the campaign highlights the importance of vigilance on the part of developers when installing packages and repositories, even from trusted sources.
“It is crucial to thoroughly vet dependencies, monitor for suspicious network activity, and maintain robust security practices to mitigate the risk of falling victim to such attacks.”
One python developer, Mohammed Dief, published a blog detailing his experience discovering malware in public GitHub repositories, and falling prey to this specific attack.
Dief reported seein a ‘weird’ message when playing around in his terminal, stating that there was something wrong with Colorama on python, and disregarding it.
Dief soon received the same error message but in a different script, alerting him that something was seriously wrong - he’d been hacked.
When inspecting the Visual studio code for Colorama, Dief initially couldn't see anything untoward in the code, but after noticing the scroll bar in the code editor he noticed code that was concealed from view, pushed to the edge of the page using spaces.
Digging into the code itself, Dief noticed the attacker was able to execute the malicious code on the target machine without even requiring Colorama to be used.
“The attacker is able to execute dynamic remote python code on the victim machine every single time colorama is being imported, Like just being imported you don’t have to use colorama in your code for the exploit to work, because the malware exists in __init__.py it’s going to get executed no matter if you use it, or not.”
After checking every single repository and project he had installed or used pip in, Dief was able to confirm the malware was delivered after he had cloned the maleduque/Valorant-Checker repository.
Further searches revealed there were nine repositories that contained the Colorama malware, prompting Dief to warn developers who might have downloaded any of the repos on the list to check their systems.
This includes downloading other repositories from users maintaining the colorama-containing repos.
Dief concluded by asking devs to diligently inspect repositories before downloading, and not to trust any domains that aren’t hosted on pypi.
“[T]he point of this article is always check the repo before downloading anything, and never trust content hosted on pypihosted.org or pythonhosted.org, either it’s hosted on pypi or it’s a malware”.
