By Gabby Xiong, Jin Lee and Amina Qurban | January 22, 2024
Affected platforms: All platforms where PyPI packages can be installed
Impacted parties: Any individuals or institutions that have these malicious packages installed
Impact: Leak of credentials, sensitive information, etc.
Severity level: High
The Python Package Index (PyPI) is an open repository of software packages developed by the Python community to help people quickly develop or update applications. While most of the packages uploaded to PyPI are posted by dedicated individuals looking to support the Python community, threat actors also regularly post packages infected with malware. The FortiGuard Labs team uses a proprietary, AI-driven OSS malware detection system to hunt for and monitor these threats. Recently, we identified a PyPI malware author (who goes by the ID “WS”) discreetly uploading malicious packages to PyPI. We now estimate that there may be well over 2000 victims of “WS” just from the packages described below alone.
The identified packages—nigpal, figflix, telerer, seGMM, fbdebug, sGMM, myGens, NewGends, and TestLibs111—exhibit attack methodologies similar to those outlined in a Checkmarx blog post published four months ago. The similarity suggests a possible connection to a malicious campaign from early 2023. Notably, these packages incorporate base64-encoded source code of PE or other Python scripts within their setup.py files. Depending on the victim devices’ operating system, the final malicious payload is dropped and executed when these Python packages are installed.
A brief timeline of our findings about this info-stealing author is detailed below.
Figure 1: A brief timeline of malicious PyPI packages published by the author “WS”
