Ahoy, there’s malice in your repos—PyPI is the latest to be abused


Counterfeit packages downloaded roughly 5,000 times from the official Python repository contained secret code that installed cryptomining software on infected machines, a security researcher has found.

The malicious packages, which were available on the PyPI repository, in many cases used names that mimicked those of legitimate and often widely used packages already available there, Ax Sharma, a researcher at security firm Sonatype, reported. So-called typosquatting attacks succeed when targets accidentally mistype a name, for example typing “mplatlib” or “maratlib” instead of the legitimate and popular package matplotlib.

Sharma said he found six packages that installed cryptomining software that would use the resources of infected computers to mine cryptocurrency and deposit it in the attacker’s wallet. All six were published by someone using the PyPI username nedog123, in some cases as early as April. The packages and download numbers are:

  • maratlib: 2,371
  • maratlib1: 379
  • matplatlib-plus: 913
  • mllearnlib: 305
  • mplatlib: 318
  • learninglib: 626

The malicious code is contained in the setup.py file of each of these packages. It causes infected computers to use either the ubqminer or T-Rex cryptominer to mine digital coin and deposit it in the following address: 0x510aec7f266557b7de753231820571b13eb31b57.
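A pre-install triage step that follows from the point above, added here as an example and not code from the article or from Sonatype: because setup.py is ordinary Python that pip executes when it builds a source package, a defender can parse a downloaded package's setup.py with the standard-library ast module and flag install-time indicators (process spawning, network or decoding imports, a cmdclass override of the install step) before installing it. The two setup.py samples, the indicator lists and the PLACEHOLDER-BINARY name are constructed for this example.

```python
import ast

# Names whose presence in a setup.py rarely has a legitimate packaging reason.
SUSPICIOUS_MODULES = {"subprocess", "urllib", "requests", "socket", "base64"}
SUSPICIOUS_CALLS = {"os.system", "os.popen", "exec", "eval", "subprocess.Popen",
                    "subprocess.run", "subprocess.call", "base64.b64decode"}

def _dotted(node):
    """Render a call target such as os.system as a dotted string (None if dynamic)."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        return ".".join(reversed(parts + [node.id]))

def audit_setup_py(source: str) -> list:
    """Return findings, sorted by line, for install-time code-execution indicators."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, (ast.Import, ast.ImportFrom)):
            mods = [a.name for a in node.names] if isinstance(node, ast.Import) else [node.module or ""]
            for m in mods:
                if m.split(".")[0] in SUSPICIOUS_MODULES:
                    findings.append((node.lineno, f"line {node.lineno}: imports {m}"))
        elif isinstance(node, ast.Call):
            target = _dotted(node.func)
            if target in SUSPICIOUS_CALLS:
                findings.append((node.lineno, f"line {node.lineno}: calls {target}"))
            # cmdclass= swaps setuptools' install step for package-supplied code.
            if target == "setup" and any(k.arg == "cmdclass" for k in node.keywords):
                findings.append((node.lineno, f"line {node.lineno}: setup() overrides cmdclass"))
    return [msg for _, msg in sorted(findings)]

# Constructed samples: a plain setup.py and one carrying an install-time hook.
BENIGN = '''from setuptools import setup
setup(name="examplepkg", version="0.1", packages=["examplepkg"])
'''
SUSPICIOUS = '''import subprocess
from setuptools import setup
from setuptools.command.install import install
class PostInstall(install):
    def run(self):
        install.run(self)
        subprocess.Popen(["PLACEHOLDER-BINARY"])  # constructed; would run during pip install
setup(name="examplepkg", version="0.1", cmdclass={"install": PostInstall})
'''
if __name__ == "__main__":
    print(audit_setup_py(BENIGN), audit_setup_py(SUSPICIOUS))  # findings for the constructed samples
```

The check is only a triage signal: `os` is deliberately not on the module list because path handling in setup.py is routine, and a package that passes still deserves a look at its build and install hooks.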

PyPI has been a frequently abused repository since 2016 when a college student tricked 17,000 coders into running the sketchy script he posted there.

Not that PyPI is abused any more than other repositories are—last year, packages downloaded thousands of times from RubyGems installed malware that attempted to intercept bitcoin payments. Two years before that, someone backdoored a 2-million-user code library hosted in NPM. Sonatype has tracked more than 12,000 malicious NPM packages since 2019.

It’s tempting to think that a fair number of the downloads counted in these events were done automatically and never resulted in computers getting infected, but the college student’s experiment mentioned above argues otherwise. His counterfeit Python module was executed more than 45,000 times on more than 17,000 separate domains, some belonging to US governmental and military organizations. This kind of promiscuity was never a good idea, but it should be strictly forbidden going forward.