
Malicious actors have published over 451 unique Python packages in the official Python Package Index (PyPI) repository in an attempt to infect developer systems with clipper malware.
Software supply chain security firm Phylum, which discovered the packages, said the ongoing activity is a follow-up to a campaign first revealed in November 2022.
The earlier wave relied on typosquatting to mimic popular packages such as beautifulsoup, bitcoinlib, cryptofeed, matplotlib, pandas, pytorch, scikit-learn, scrapy, selenium, solana, and tensorflow.
“After installation, a malicious JavaScript file is dropped on the system and runs in the background of web browsing sessions,” Phylum said in a report published last year. “When a developer copies a cryptocurrency address, the address in the clipboard is replaced with the attacker’s address.”
This is accomplished by creating a Chromium web browser extension in the Windows AppData folder and writing the malicious JavaScript and a manifest.json file into it.

Targeted web browsers include Google Chrome, Microsoft Edge, Brave, and Opera. The malware modifies the browser shortcut so that the add-on is loaded automatically on startup via the “--load-extension” command line switch.
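Because the persistence described above leaves a visible trace in the browser shortcut, a defender can flag any Chromium browser launch line that carries --load-extension. The helper below is an added example, not code from Phylum or from the campaign: it parses a Windows command line string (reading the target and arguments out of a .lnk file is left to the caller) and reports which extension directories are sideloaded and whether they sit under a user's AppData folder.

```python
"""Detection helper for the shortcut-tampering persistence described above:
a Chromium browser launched with --load-extension pointing at an unpacked
extension. Added example, not Phylum's or the campaign's code. Extracting the
command line from a .lnk file is the caller's job; sample inputs are constructed."""
import re
from typing import List, NamedTuple, Optional, Tuple

# Executables of the browsers named in the report, matched case-insensitively.
CHROMIUM_BROWSERS = {"chrome.exe", "msedge.exe", "brave.exe", "opera.exe"}

# A Windows argument is a run of non-space characters and/or double-quoted
# spans, so  --load-extension="C:\Program Files\x"  stays one token.
_ARG_RE = re.compile(r'(?:[^\s"]+|"[^"]*")+')


class Finding(NamedTuple):
    browser: str
    extension_dirs: Tuple[str, ...]
    under_appdata: bool  # extension staged under a user's AppData folder


def split_cmdline(cmdline: str) -> List[str]:
    """Split a Windows command line into arguments, dropping the quotes."""
    return [m.group(0).replace('"', "") for m in _ARG_RE.finditer(cmdline)]


def inspect_shortcut_cmdline(cmdline: str) -> Optional[Finding]:
    """Return a Finding when a Chromium browser is launched with
    --load-extension; None for other programs or untouched shortcuts."""
    args = split_cmdline(cmdline)
    if not args:
        return None
    browser = args[0].replace("/", "\\").rsplit("\\", 1)[-1].lower()
    if browser not in CHROMIUM_BROWSERS:
        return None
    dirs: List[str] = []
    for i, arg in enumerate(args[1:], start=1):
        if arg.startswith("--load-extension="):
            value = arg.split("=", 1)[1]
        elif (arg == "--load-extension" and i + 1 < len(args)
              and not args[i + 1].startswith("--")):
            value = args[i + 1]  # lenient: accept a space-separated value too
        else:
            continue
        dirs.extend(d for d in value.split(",") if d)  # switch takes a comma list
    if not dirs:
        return None
    under_appdata = any("\\appdata\\" in d.lower() for d in dirs)
    return Finding(browser, tuple(dirs), under_appdata)
```

A hit with under_appdata set is the pattern this campaign produces; a hit elsewhere is still worth a look, since legitimate shortcuts rarely sideload unpacked extensions.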
The latest set of Python packages demonstrates a similar, if not identical, modus operandi, designed to act as a clipboard-based cryptocurrency wallet hijacker. What has changed is the obfuscation technique used to hide the JavaScript code.
The ultimate goal of the attack is to hijack cryptocurrency transactions initiated by compromised developers and transfer them to attacker-controlled wallets instead of the intended recipients.
“The attackers have significantly increased their footprint on pypi through automation,” said Phylum. “Packages like this will continue to flood the ecosystem.”
This finding is consistent with Sonatype’s report, which found 691 malicious packages in the npm registry and 49 malicious packages on PyPI in January 2023 alone.
This development once again demonstrates the growing threat developers face from supply chain attacks. Adversaries use methods such as typosquatting to trick users into downloading malicious packages.