They discovered 11 malicious packages in PyPI

A few days ago the notification that 11 packages containing malicious code were identified in the PyPI directory (Python package index).

Before problems were identified, packages were downloaded about 38 thousand times in total It should be noted that the malicious packets detected are notable for the use of sophisticated methods to hide communication channels with the attackers' servers.

The packages that were discovered are the following:

  • importantpackage (6305 downloads) e important-package (12897): these packages establish a connection to an external server under the guise of connecting to to provide shell access to the system (reverse shell) and use the trevorc2 program to hide the communication channel.
  • pptest (10001) and ipboards (946): used DNS as a communication channel to transfer information about the system (in the first packet, the hostname, working directory, internal and external IP, in the second, the username and the hostname).
  • owlmoon (3285) DiscordSafety (557) y yiffparty (1859) - Identify the Discord service token on the system and send it to an external host.
  • trrfab (287): Sends the identifier, hostname, and content of / etc / passwd, / etc / hosts, / home to an external host.
  • 10cent10 (490) - Established a reverse shell connection to an external host.
    yandex-yt (4183): showed a message about the compromised system and redirected to a page with additional information about additional actions, issued through (

Given this, it is mentioned that special attention should be paid to the method of accessing external hosts that are used in packets importantpackage and important-package, which use the Fastly content delivery network used in the PyPI catalog to hide their activity.

In fact, the requests were sent to the server (including specifying the name of in SNI within the HTTPS request), but the name of the server controlled by the attacker was set in the HTTP header "Host ». The content delivery network sent a similar request to the attacker's server, using the parameters of the TLS connection to when transmitting data.

The infrastructure of PyPI is powered by the Fastly Content Delivery Network, which uses Varnish's transparent proxy to cache typical requests, and uses CDN-level TLS certificate processing, rather than endpoint servers, to forward HTTPS requests through the proxy. Regardless of the destination host, requests are sent to the proxy, which identifies the desired host by the HTTP "Host" header, and the domain host names are linked to the CDN load balancer IP addresses typical of all Fastly clients .

The attackers' server also registers with CDN Fastly, which provides everyone with free rate plans and even allows anonymous registration. Notably a scheme is also used to send requests to the victim when creating a "reverse shell", but started by the attacker's host. From the outside, the interaction with the attacker's server looks like a legitimate session with the PyPI directory, encrypted with the PyPI TLS certificate. A similar technique, known as 'domain fronting', was previously used actively to hide the hostname by bypassing locks, using the HTTPS option provided on some CDN networks, specifying the dummy host in the SNI and passing the name of the host. host requested in the HTTP host header within a TLS session.

To hide the malicious activity, the TrevorC2 package was additionally used, which makes the interaction with the server similar to normal web browsing.

The pptest and ipboards packets used a different approach to hide network activity, based on encoding useful information in requests to the DNS server. Malicious software transmits information by performing DNS queries, in which data transmitted to the command and control server is encoded using the base64 format in the subdomain name. An attacker accepts these messages by controlling the domain's DNS server.

Finally, if you are interested in knowing more about it, you can consult the details In the following link.

The content of the article adheres to our principles of editorial ethics. To report an error click here!.

Be the first to comment

Leave a Comment

Your email address will not be published.



  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.