A dozen malicious Python packages were uploaded by a user called devfather777 to the PyPI repository last weekend to conduct a typosquatting campaign that attacks Counter Strike 1.6 servers with DDoS attacks.

Threat actors abuse the PyPI repository to steal developer credentials or deploy malware. Developers were tricked into using the malicious versions by the threat actors by naming them similar to popular and original packages.

Malicious packages on PyPI

The complete list of uploaded malicious PyPI packages includes Gesnim, Kears, TensorFolw, Seabron, tqmd, lxlm, mokc, ipaddres, ipadress, falsk, douctils, and inda.

The typosquatting campaign

  • In typosquatting attacks, developers mistakenly use a malicious package whose name is similar to a legitimate package.
  • Among the packages used in this campaign are Gesnim (Gensim), TensorFolw (TensorFlow), and ipaddres (IP address).
  • The software packages are usually fetched from the repository via the developer's computer, so it is quite possible to make mistakes such as typing a letter incorrectly. 
  • The victim fails to realize the error and the device is infected when the software download carries on as expected.

Attack flow

  • The embedded code in setup.py confirms that the host system is a Windows system once the malicious Python package has been installed. 
  • If not, the Python code quits, and if so, it downloads the file test.exe from GitHub.
  • The malware installs itself on the infected system. The virus is persistent by executing itself after every reboot by placing itself in the Startup directory, which is a very simple method of installation
  • Furthermore, the malware installs a system-wide Root certificate.
  • In order to receive its configuration, the malware connects to a URL via HTTP. 
  • A malware that fails to fetch the configuration from a URL after three tries look for responses to HTTP requests sent to DGA addresses.

A DDoS attack was launched against the Russian Counter Strike 1.6 server following the attacker's update to the malware configuration. A counter-attack appears to be taking down the Counter Strike Server by flooding it with traffic from infected devices.

Similar attacks

In June, the PyPI repository was identified to contain Python packages to steal sensitive data including AWS credentials and environment variables.
In another attack carried out in June itself, three PyPI packages were discovered using a malicious dependency.

Final thoughts

Since the 12 legitimate Python packages combined have over 500 million downloads each month, they were selected due to their popularity. With attackers becoming more sophisticated, it is very likely that using a legitimate service such as GitHub to host malware will not raise any major doubts. While the GitHub repository used for hosting the malware has been taken down, the threat actor could exploit another file hosting service to resume the malicious operation.
Cyware Publisher