PYPI Malware: Over 45K Users Fell Victim To PYPI Packages – Cyble

Misspelled (typosquatted) Python packages on PyPI were used to spread InfoStealers and loaders; CRIL tracked over 160 malicious packages that accumulated more than 45,000 downloads before removal. The report highlights multiple malware families (Creal Stealer, TIKCOCK GRABBER, Hazard Token Grabber, W4SP Stealer, EvilPIP, and more) and a downloader that fetches remote, obfuscated code from paste.fo, and closes with practical defenses for organizations.
#KEKW #W4SPStealer #HazardTokenGrabber #CrealStealer #TIKCOCKGRABBER #EvilPIP #PyPI #CRIL #Cyble

Keypoints

  • PyPI suspended new user/project registrations after a surge of malicious activity, signaling scale and urgency of the problem.
  • CRIL identified more than 160 malicious Python packages with total downloads exceeding 45,000, indicating rapid propagation.
  • Attackers used misspelled packages (e.g., “reaquests” mimicking “requests”) to trick users during installation.
  • Multiple malware variants were observed, including downloader scripts and InfoStealers such as Creal Stealer, TIKCOCK GRABBER, Hazard Token Grabber, W4SP Stealer, and EvilPIP.
  • A downloader technique retrieved a remote script from a designated URL (paste.fo) and executed it with Python; the retrieved code was obfuscated with Hyperion.
  • CRIL provides practical recommendations (code review, MFA, updates, security software, phishing awareness, DLP, and network monitoring) to mitigate such supply-chain package threats.

MITRE Techniques

  • [T1195] Supply Chain Compromise – The attackers uploaded misspelled Python packages to PyPI to target Python users. “Threat Actors (TAs) have been uploading misspelled Python packages specifically targeting Python users.”
  • [T1204] User Execution – Users accidentally mistype the package name, leading to installation of a malicious Python package. “In cases where users accidentally mistype the package name, they unknowingly install a malicious Python package.”
  • [T1047] Windows Management Instrumentation – Execution via WMI. “Windows Management Instrumentation”
  • [T1547] Registry Run Keys / Startup Folder – Persistence via startup keys. “Registry Run Keys / Startup Folder”
  • [T1497] Virtualization/Sandbox Evasion – Defense Evasion through sandbox/virtualization evasion. “Virtualization/Sandbox Evasion”
  • [T1562] Disable or Modify Tools – Defense Evasion by disabling or modifying security tools. “Disable or Modify Tools”
  • [T1027] Obfuscated Files or Information – Obfuscated code used to hide payloads. “Obfuscated Files or Information”
  • [T1056] Credential API Hooking – Credential access via hooking APIs. “Credential API Hooking”
  • [T1057] Process Discovery – Discovery of running processes. “Process Discovery”
  • [T1012] Query Registry – Registry discovery to obtain system information. “Query Registry”
  • [T1082] System Information Discovery – Gathering system information. “System Information Discovery”
  • [T1083] File and Directory Discovery – Looking for files/directories to enumerate. “File and Directory Discovery”
  • [T1005] Data from Local System – Exfiltrating data from the local system. “Data from Local System”
  • [T1071] Application Layer Protocol – Data exfiltration via application-layer protocols (e.g., Discord webhook). “Application Layer Protocol”

Indicators of Compromise

  • [URL] remote script host – https[:]//paste[.]fo/raw/ (Downloader fetches and executes remote content)
  • [File Name] reaquests-0.1-py3-none-any – used by attackers as a misspelled package
  • [File Name] hubtik-1.0-py3-none-any – example package containing a grabber variant
  • [MD5] 976aea7821badd4dd8133278ed4ee218 – for reaquests-0.1-py3-none-any
  • [SHA1] 61f663719274a031ee40f02d604fd9960060ea07 – for reaquests-0.1-py3-none-any
  • [SHA256] efdd674a7ee3f8ddb4e0660e594a7c1f8cb54d5498cce03e8c3eaa2b105126d2 – for reaquests-0.1-py3-none-any
  • [File Name] pycolorings-0.0.1-py3-none-any.whl – another malicious package payload
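The typosquatting keypoint (“reaquests” mimicking “requests”) and the code-review recommendation above, together with the file hashes in this IoC list, can be turned into a simple pre-install check. The following script is an added example, not code from Cyble or the report: it flags names in a requirements file that sit within a small edit distance of a known-good package list (the list here is a constructed sample; an organization would use its own approved set) and compares a downloaded artifact's SHA256 against the hash published in the report. The helper names and the sample requirements are assumptions made for the example.

```python
import hashlib
import re

# Constructed allowlist of approved package names (assumption for this example;
# a real deployment would load the organization's own approved set).
KNOWN_GOOD = {"requests", "numpy", "pandas", "flask", "django",
              "colorama", "urllib3", "pillow"}

# SHA256 published in the report for reaquests-0.1-py3-none-any.
IOC_SHA256 = {
    "efdd674a7ee3f8ddb4e0660e594a7c1f8cb54d5498cce03e8c3eaa2b105126d2":
        "reaquests-0.1-py3-none-any",
}


def levenshtein(a: str, b: str) -> int:
    """Classic edit distance (insert/delete/substitute) between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, start=1):
        cur = [i]
        for j, cb in enumerate(b, start=1):
            cost = 0 if ca == cb else 1
            cur.append(min(prev[j] + 1,        # deletion
                           cur[j - 1] + 1,     # insertion
                           prev[j - 1] + cost))  # substitution
        prev = cur
    return prev[-1]


def normalize(name: str) -> str:
    """PyPI treats '-', '_' and '.' as equivalent and names as case-insensitive."""
    return re.sub(r"[-_.]+", "-", name).lower()


def suspicious_names(requirements_text: str, known=KNOWN_GOOD, max_distance: int = 2):
    """Return (requested_name, closest_known_name, distance) for every requirement
    that is not on the allowlist but is within max_distance edits of an entry."""
    findings = []
    normalized_known = {normalize(k) for k in known}
    for raw in requirements_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):      # skip blanks and pip options
            continue
        match = re.match(r"^([A-Za-z0-9][A-Za-z0-9._-]*)", line)
        if not match:
            continue
        name = normalize(match.group(1))
        if name in normalized_known:
            continue
        closest = min(normalized_known, key=lambda k: levenshtein(name, k))
        distance = levenshtein(name, closest)
        if distance <= max_distance:
            findings.append((name, closest, distance))
    return findings


def ioc_hit(artifact: bytes):
    """Return the IoC package name if the artifact's SHA256 matches a published hash."""
    digest = hashlib.sha256(artifact).hexdigest()
    return IOC_SHA256.get(digest)


if __name__ == "__main__":
    # Constructed sample requirements file containing two look-alike names.
    sample = "requests==2.31.0\nreaquests\nnumpy>=1.26\ncolourama  # typo\n-r extra.txt\n"
    for name, closest, dist in suspicious_names(sample):
        print(f"WARNING: '{name}' is {dist} edit(s) from approved package '{closest}'")
    print("IoC match:", ioc_hit(b"constructed harmless bytes"))
```

Run it before `pip install -r requirements.txt` in CI; a finding is a prompt for a human to confirm the intended package, and a hash match against the IoC list is a reason to quarantine the artifact and the host that fetched it.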

Read more: https://blog.cyble.com/2023/06/09/over-45-thousand-users-fell-victim-to-malicious-pypi-packages/