Cybersecurity researchers have issued warnings about a malicious campaign targeting users of the Python Package Index (PyPI). The attackers distributed counterfeit libraries, disguised as utilities related to “time,” yet covertly engineered to pilfer sensitive information, including cloud access tokens.
Experts from ReversingLabs uncovered two distinct sets of malicious packages, encompassing 20 unique names. These packages had collectively been downloaded more than 14,100 times, highlighting the extensive scope of the attack. The first set of libraries was explicitly designed to exfiltrate stolen data to attacker-controlled servers, while the second set masqueraded as legitimate client SDKs for cloud platforms such as Alibaba Cloud, Amazon Web Services, and Tencent Cloud.
Among the most frequently downloaded malicious packages were snapshot-photo (2,448 downloads), acloud-client (5,496 downloads), and enumer-iam (1,254 downloads). Although these malicious libraries have since been removed from PyPI, their prolonged availability and active use suggest the potential for significant widespread harm.
Further investigation revealed that three packages—acloud-client, enumer-iam, and tcloud-python-test—had been listed as dependencies within the GitHub project accesskey_tools, which boasts 519 stars and 42 forks. This suggests a likelihood of their integration into widely used software projects, amplifying the risk of compromised systems.
“Suspicious URLs represent a critical indicator of potentially malicious packages, as they are commonly leveraged to download additional malware or establish connections with command-and-control servers, granting attackers persistent control over infected systems,” noted Jenna Wang, a cybersecurity expert from Fortinet.
This incident underscores once again the vulnerability of software supply chains and highlights the imperative for rigorous scrutiny of third-party dependencies before incorporating them into development projects.
