Six dangerous packages were discovered on PyPI, the Python Package Index, that used Cloudflare Tunnel to get over firewall constraints for remote access while also installing data-stealing and RAT (remote access trojan) malware. The malicious packages try to run shell commands, collect typed information, and steal sensitive user data stored in browsers.
The Phylum research team, which keeps a constant eye on PyPI for new campaigns, found the six packages. According to the researchers, the package repository first saw these malicious extensions on December 22. The threat actors kept uploading new packages right up until the end of the year.
The following are the six malicious packages that the Phylum research team found:
- 165 downloads for pyrologin
- 141 downloads for easytimestamp
- 83 downloads from discorder
- 228 downloads of discord-dev
- 193 downloads of style.py
- 130 downloads of Python Styles.
Although PyPI has now removed all of the packages, people who downloaded them must manually remove the infection’s leftovers, most notably the persistence mechanisms.
PowerShell Script Packages Allow For Remote Control
There is a base64-encoded text in the installer (setup.py) for these files that decodes to a PowerShell script. This script sets the ‘-ErrorAction SilentlyContinue’ flag to enable silent script execution even in the event of errors in order to prevent developer discovery.
From a distant resource, the PowerShell script will download a ZIP file, unzip it on a local temporary directory, and then install a series of dependencies and extra Python packages that allow for remote control and screenshot taking. The packages “flask” and “flask_cloudflared” are silently installed at that phase as well.
One of the ZIP files, “server.pyw,” starts four threads: one to ping a proxied onion site, one to start a keyboard logger, and one to harvest data from the compromised machine. The first thread establishes persistence between system reboots.
Among the stolen data are crypto wallets, browser cookies and passwords, Telegram data, tokens(discord), and other details. A ping to the onion site verifies that the info-stealing stage has been successfully completed before the attackers receive this data by zipping it up and sending it to them via transfer[.]sh.
Access To Cloudfare Without Setting Up Firewalls
In order to install a Cloudflare Tunnel client on the victim’s computer, the script now executes “cftunnel.py,” which is also present in the ZIP bundle. Customers, including those with free accounts, can use Cloudflare Tunnel to establish a bidirectional tunnel from a server to the Cloudflare infrastructure.
By using this connection, web servers can immediately become accessible to the whole public via Cloudflare without having to set up firewalls, open ports, or deal with other routing complications. Even when a firewall is in place to safeguard that device, the hackers use this tunnel to remotely access a remote access trojan that is currently operating as the “Flask” script on the infected device.
The attackers’ “xrat” Flask app can exfiltrate particular files and folders, run shell commands on the compromised system, download and launch further payloads, and steal the victim’s username and IP address. This RAT also offers a one-frame-per-second “live” remote desktop broadcast that starts up as soon as the victim enters something or moves their mouse.
This fresh batch of PyPI-uploaded programs is evidence that the platform’s dangers are developing and getting more robust and more creative.
Sadly, taking down the packages and blocking the accounts that published them on PyPI does not deter threat actors from acting again because they may just adopt new aliases. Additionally, even after the apps are taken down from PyPi, they remain on compromised devices, necessitating manual removal by developers.
Steps To Secure PyPI Environment
Thankfully, the Python Software Foundation is aware of how crucial software supply chain security is. By launching a number of significant initiatives, they are actively aiming to be a good steward of the PyPI environment.
- Adding API tokens with two-factor authentication (2FA)
- Constructing an updated dependency resolver for pip
- Package product manager being hired
- The Python Packaging Advisory Database’s creation
- The Update Framework being incorporated into PyPI
- Constructing pip-audit.
Adding 2-Factor Authentication (2FA) and API Tokens: When package administrators log in to the PyPI website, 2FA adds an additional layer of validation. Users who enable 2FA will additionally need to enter an access code from an authenticator app or have a physical security tool like a YubiKey in their possession.
Building a new dependency resolver for pip: Pip is the default package installer for Python. A new dependency solver is currently being released by the Python Software Foundation. The most recent version of pip is significantly more restrictive, preventing users from installing incompatible and/or risky packages simultaneously in a system.
Hiring a packaging product manager: The PyPI project manager was hired by the Python Software Foundation. The service must be made more sustainable and functional, according to the project manager’s mandate.
The Python Packaging Advisory Database’s creation: The Python Package Advisory is community-owned, and it is being created as a database. Updates on vulnerabilities may be submitted by anybody by creating a pull request. While Python, Go, Rust and other programming languages are tracked by Google’s Open Source Vulnerabilities (OSV) database. It offers an API that enables users to programmatically check whether a package version they are using is vulnerable.
The Update Framework’s PyPI integration: The Update Framework (TUF) is a client-side Python implementation of a software update system that can connect to PyPI and download and install package updates automatically. TUF guards against attackers who steal the repository or signing keys as well.
It is strongly advised that if these malicious packages infect you, you run an antivirus scan and then change all of the passwords for the websites you usually visit. Malicious packages try to run shell commands, collect typed information, and steal sensitive user data stored in browsers. The Phylum research team, which keeps a constant eye on PyPI for new campaigns, found the six packages. According to the researchers, the package repository first saw these malicious extensions on December 22. The threat actors kept uploading new packages right up until the end of the year.