Researchers have discovered 11 malicious Python packages stealing Discord tokens and installing shells. These malicious packages, in the Python Package Index (PyPI) repository, were downloaded by developers more than 41,000 times.

What has happened?

The malicious packages could be exploited to steal Discord access tokens and passwords, along with carrying out dependency confusion attacks.
  • Two packages (10Cent10 and importantpackage) were discovered obtaining a reverse shell on the targeted system to gain full control over an infected system.
  • Two other packages (ipboards and trrfab) were disguised as genuine dependencies and were created to automatically import by using a technique named dependency confusion or namespace confusion.
  • The dependency (importantpackage) was using a unique exfiltration mechanism to avoid network-based detection, which included the use of Fastly's CDN to mask communications with the attacker’s server.
  • The other packages (ipboards and pptest) were using DNS tunneling as a data exfiltration method by using DNS requests as a communication channel between a victim machine and remote server.

Several packages (including pptest, ipboards, owlmoon, DiscordSafety, trrfab, 10Cent10/10Cent11, and yandex-yt) have been removed from the repository after a disclosure from JFrog.

Recent attacks on package managers

  • Attempts to target well-known code registries such as Node Package Manager, JavaScript registry, PyPI, and RubyGems are becoming more common and creating a new challenge for organizations to stay secure.
  • Recently, two NPM packages with weekly downloads of 22 million were compromised with malicious code.
  • Last month, three NPM developer accounts were compromised to insert malicious code into popular packages.


Package managers are now becoming a common target for cybercriminals to exploit and distribute their malicious tools. Therefore, developers are recommended to implement adequate version control checks to prevent any supply chain or dependency confusion attacks.
Cyware Publisher