Python developers have been urged to remain vigilant against a highly sophisticated malware campaign targeting the software supply chain.
The campaign, which combines a series of TTPs to covertly steal sensitive data, was revealed by researchers at security firm CheckMarx and is believed to have impacted more than 170,000 users so far.
Checkmarx discovered that hackers are using distributed malicious versions of open source tools with clickbait descriptions to trick victims searching for popular development software.
The threat actors used a website disguised as a Python package mirror, using URL hijacking techniques such as typosquatting to imitate the official Python mirror where authentic PyPi package artifact files are usually stored.
The attackers used a function in the Python package manager, pip, to dictate the URL from which the manager will grab other package dependencies, providing its fake Python replica as a source for downloading packages.
For example, the fake Python mirror hosts a poisoned version of the popular Colorama tool, which has more than 150 million monthly downloads.
Threat actors embedded the harmful payload within Colorama using space filling, making it extremely difficult for the average developer to detect any malicious potential in what appears to be a legitimate dependency.
In November 2022, a PyPi user named 'felpes' added three packages containing malicious code to the package index.
The domain typosquatting 'pypihosted[.]org' was registered by the threat actor on February 1, 2024, and a month later by a contributor to the popular search and discovery platform top.gg for Discord.
The user in question, editor-syntax, was an influential maintainer of top.gg, which had a community of over 170,000 users, and hackers were able to hijack this account and use its reputation to send malicious commits to popular repositories.
When successfully deployed, the malware targets a number of popular software applications and steals sensitive information such as browser data, Discord data, cryptocurrency wallets, Telegram sessions, computer files, and Instagram data.
Python developers need to change their habits to avoid future supply chain attacks
The attack takes advantage of the trust built in the development community, according to Checkmarx, which concluded that this trust ultimately allowed the malware to be distributed to unsuspecting developers relying on the integrity of the Python package ecosystem.
“By manipulating the package installation process and exploiting the trust that users place in the Python package ecosystem, the attacker ensured that the malicious “colorama” package was installed whenever the malicious dependency was specified in the project requirements. . “
Checkmarx said the campaign highlights the importance of vigilance on the part of developers when installing packages and repositories, even from trusted sources.
“It is crucial to thoroughly examine dependencies, monitor suspicious network activity, and maintain strong security practices to mitigate the risk of falling victim to such attacks.”
A Python developer, Mohammed Dief, published a blog detailing his experience discovering malware in public GitHub repositories and falling victim to this specific attack.
Dief reported seeing a “strange” message while playing on his terminal, stating that there was some problem with Colorama in Python and not paying attention to it.
Dief soon received the same error message but in a different script, alerting him that something was seriously wrong: he had been hacked.
When inspecting the Visual Studio code for Colorama, Dief initially couldn't see anything strange in the code, but after noticing the scroll bar in the code editor, he noticed that the code was hidden from view, pushed to the edge of the page using spaces.
Digging deeper into the code itself, Dief noticed that the attacker could execute the malicious code on the target machine without even requiring the use of Colorama.
“The attacker can execute dynamic remote Python code on the victim machine every time colorama is imported. Just like importing it, there is no need to use colorama in the code for the exploit to work, because the malware exists in __init__ .py and will run regardless of whether you use it or not.”
After checking every repository and project he had installed or used pip on, Dief was able to confirm that the malware was delivered after he had cloned the maleduque/Valorant-Checker repository.
Additional searches revealed that there were nine repositories containing the Colorama malware, prompting Dief to warn developers who could have downloaded any of the repositories on the list to have their systems checked.
This includes downloading other repositories from users who maintain repositories containing colorama.
Dief concluded by asking developers to diligently inspect repositories before downloading them and not to trust any domains that are not hosted on pypi.
“[T]The point of this article is to always check the repository before downloading anything and never trust content hosted on pypihosted.org or pythonhosted.org, whether it is hosted on pypi or malware.”
