Malicious Packages Across Open-Source Registries: Detection Statistics and Trends (Q2 2025)

FortiGuard Labs’ Q2 2025 analysis found persistent abuse of OSS repositories (NPM and PyPI) to distribute malicious packages that execute code during installation, focus on data exfiltration and credential and wallet theft, and show increased use of obfuscation. The report highlights specific malicious packages, detection signatures, and protections available from Fortinet.

Keypoints

  • FortiGuard Labs scanned over 1.4 million NPM and 400,000 PyPI packages in Q2 2025 and confirmed over a thousand malicious packages through automated AI-powered detection and analyst review.
  • Malicious packages commonly execute code during installation via setup or install scripts, enabling silent deployment of payloads without a large code footprint.
  • Attackers favor low file counts, missing linked repositories, and layered code encryption/obfuscation to reduce traceability and evade detection; obfuscation increased compared to the previous quarter.
  • Selected Python packages (e.g., simple-mali-pkg-0.1.0, confighum-0.3.5, solana-sdkpy-1.2.5/1.2.6) and an NPM package (postcss-theme-vars-7.0.7) were observed stealing credentials, browser profiles, wallets, documents, and performing keylogging and screenshots for exfiltration.
  • Malicious code was hidden in non-obvious files (e.g., mali.py, test-samples.dat) and used socket connections to transmit stolen data to attacker-controlled servers.
  • Fortinet protections (FortiGuard AV, Web Filtering, FortiDevSec SCA, FortiGate, FortiMail, FortiClient, FortiEDR) detect and block the identified packages and their download URLs; customers running current updates are protected.
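As an added example that is not part of the report or of Fortinet's tooling, a small Python scorer for the package-level signals listed above: install-time hooks, no linked source repository, a low file count, and encoded or dynamically executed code. The marker list, the thresholds and both sample packages are constructed for illustration.

```python
import re

# Heuristics drawn from the report's observations: install-time execution hooks,
# low file counts, no linked source repository, and encoded or obfuscated code.
LOW_FILE_COUNT = 5
NPM_HOOKS = ("preinstall", "install", "postinstall")
OBFUSCATION_MARKERS = (r"\bexec\s*\(", r"\beval\s*\(", r"base64\.b64decode",
                       r"\batob\s*\(", r"(\\x[0-9a-f]{2}){8,}")

def obfuscation_hits(source):
    """Markers of encoded or dynamically executed code found in one file's text."""
    return [m for m in OBFUSCATION_MARKERS if re.search(m, source, re.IGNORECASE)]

def npm_install_hooks(package_json):
    """Lifecycle scripts that npm runs automatically during installation."""
    scripts = package_json.get("scripts") or {}
    return {h: scripts[h] for h in NPM_HOOKS if h in scripts}

def pypi_install_hooks(setup_py):
    """A cmdclass override in setup.py lets the package run code at install time."""
    return {"cmdclass": "install command overridden"} if re.search(r"cmdclass\s*=", setup_py) else {}

def risk_signals(install_hooks, has_repo, file_count, sources):
    """Combine the four signals into a list of human-readable findings."""
    signals = [f"install-time hook: {k} -> {v}" for k, v in install_hooks.items()]
    if not has_repo:
        signals.append("no linked source repository")
    if file_count <= LOW_FILE_COUNT:
        signals.append(f"low file count: {file_count}")
    for name, text in sources.items():
        for hit in obfuscation_hits(text):
            signals.append(f"obfuscation marker {hit} in {name}")
    return signals

# Constructed sample: a two-file npm package with a postinstall hook and a base64 blob.
SAMPLE_NPM = {"name": "example-theme-vars", "version": "0.0.1",
              "scripts": {"postinstall": "node loader.js"}}
SAMPLE_NPM_FILES = {"loader.js": "const p=Buffer.from('aGVsbG8=','base64');eval(p.toString());"}

# Constructed sample: a setup.py that overrides the install command to run a helper file.
SAMPLE_SETUP_PY = """from setuptools import setup
from setuptools.command.install import install
class Post(install):
    def run(self):
        __import__('runpy').run_path('helper.py'); install.run(self)
setup(name='example-pkg', version='0.1.0', cmdclass={'install': Post})
"""
SAMPLE_PY_FILES = {"helper.py": "import base64;exec(base64.b64decode(b'cHJpbnQoMSk='))"}
```

Run `risk_signals(npm_install_hooks(SAMPLE_NPM), "repository" in SAMPLE_NPM, 2, SAMPLE_NPM_FILES)` to see all four signals fire on the npm sample; a package with many files, a repository field and no hooks or markers returns an empty list.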

MITRE Techniques

  • [T1195] Supply Chain Compromise – Attackers publish malicious packages to OSS repositories to propagate malware through dependencies: (‘abuse of OSS repos to propagate malware remains persistent.’)
  • [T1027] Obfuscated Files or Information – Packages used layered encryption and obfuscation to hide malicious intent and evade detection: (‘a large amount of encrypted code’ / ‘a large amount of obfuscated code’)
  • [T1059] Command and Scripting Interpreter – Malicious scripts are executed during installation (setup.py runs mali.py) to trigger payloads: (‘a suspicious file is executed in its package, “mali.py”.’)
  • [T1555.003] Credentials from Web Browsers – Malicious code targets browser profiles to collect saved passwords, autofill data, and extension settings: (‘targets Chrome and Brave browser profiles and collects saved passwords, autofill data, and extension settings’)
  • [T1056] Input Capture – Keylogging functionality was used to capture keyboard input for credential theft: (‘logs keyboard input’)
  • [T1113] Screen Capture – The malware captured screenshots to collect visual information for exfiltration: (‘takes screenshots’)
  • [T1115] Clipboard Data – Attackers monitored clipboard contents to capture copied sensitive data: (‘monitors clipboards’)
  • [T1005] Data from Local System – The packages scanned the victim’s filesystem to find sensitive files for exfiltration: (‘silently scans the victim’s computer for sensitive files for exfiltration’)
  • [T1041] Exfiltration Over C2 Channel – Stolen data was transmitted to attacker-controlled remote servers via socket/C2 connections: (‘makes a socket connection to the attacker-controlled remote server’ / ‘transmit data to a remote server controlled by the attacker’)

Indicators of Compromise

  • [Package name] Malicious OSS packages identified on PyPI/NPM – simple-mali-pkg-0.1.0, postcss-theme-vars-7.0.7
  • [SHA256 hash] File hashes for malicious packages – a9114a446a136ddf38c16f9e1bb1a83400cba423d0d97df121a54b67829be7b9 (simple-mali-pkg-0.1.0), 2d9d200b8e167fc95120e893dd3d7d02789a8ba41ba2632af2e342f35d1d2283 (postcss-theme-vars-7.0.7), and 4 more hashes
  • [File name] Malicious payload or obfuscated code filenames within packages – mali.py (inside simple-mali-pkg-0.1.0), test-samples.dat (inside postcss-theme-vars-7.0.7)
  • [AV detection] FortiGuard detection names mapping to identified packages – Python/FreeCodingTools.10037449!tr (multiple Python packages), JS/Stealer.A!tr (postcss-theme-vars-7.0.7)

Read more: https://feeds.fortinet.com/~/922680806/0/fortinet/blog/threat-research~Malicious-Packages-Across-OpenSource-Registries-Detection-Statistics-and-Trends-Q