Exposed Malicious Packages on PyPI, npm, and Ruby in Ongoing Open-Source Supply Chain Threats

Several malicious packages have been identified within the npm, Python, and Ruby package repositories. These packages exhibit harmful functionalities such as draining cryptocurrency wallets, erasing entire codebases after installation, and exfiltrating Telegram API tokens. This situation underscores the continued vulnerability of open-source ecosystems to diverse supply chain threats.

Recent findings have been reported by major cybersecurity firms including Checkmarx, ReversingLabs, Safety, and Socket. A list of the malicious packages from these platforms is provided below.

Socket has reported the discovery of two malicious Ruby gems, which were released by a threat actor using aliases such as Bùi nam, buidanhnam, and si_mobile, shortly after the Vietnamese government imposed a ban on the Telegram messaging application. These gems quietly siphon data sent to the Telegram API by redirecting traffic through a command-and-control (C2) server controlled by the attacker. This exfiltration includes sensitive information such as bot tokens, chat IDs, message content, and attached files.

The malicious variants of the gems are nearly identical to the legitimate Fastlane plugin, “fastlane-plugin-telegram,” a widely adopted tool for sending deployment notifications to Telegram channels from continuous integration/continuous deployment (CI/CD) pipelines. The threat actor modified the network endpoint for Telegram messages to redirect to a hard-coded server, which acts as a relay and allows for the unlawful harvesting of sensitive data.

The analysis by Socket indicates that the malware is not region-specific and lacks geofencing, suggesting that the attackers are exploiting the Telegram ban in Vietnam to distribute counterfeit libraries disguised as proxies. Such activities illustrate how rapidly threat actors can take advantage of geopolitical events to initiate targeted supply chain attacks. By weaponizing trusted development tools like Fastlane, they successfully infiltrate CI/CD environments.

In addition, an npm package named “xlsx-to-json-lh” has been identified as a typosquatting variant of the legitimate tool “xlsx-to-json-lc.” This malicious package executes a harmful payload upon import, establishing a persistent connection to a C2 server. When directed by the server through a specific command, it deletes entire project directories, including source code files, version control data, configuration files, and all project assets.

Further investigations revealed a set of malicious npm packages responsible for siphoning off a significant portion of funds from victims’ Ethereum or Binance Smart Chain wallets. These packages utilized obfuscated JavaScript code to facilitate the transfer of stolen funds to attacker-controlled wallets. One of the malicious npm packages, uploaded under the alias @crypto-exploit, recorded over 2,100 downloads before being removed.

In the Python package index (PyPI), various malicious packages were also found incorporating covert functionalities aimed at stealing sensitive data, including Solana private keys. Some of these packages, which initially appeared benign, were later updated with harmful payloads, revealing a sophisticated strategy to deceive users.

One specific collection of Python packages modifies key-generation methods to capture private keys. The malware encrypts these keys and sends them to a specific location for retrieval by the threat actor. This tactic exemplifies the intricate methods increasingly employed by malicious actors in modern cyber threats.

Another recent campaign involving a batch of malicious Python packages targeted developers by exfiltrating Python script files and claiming to offer utility for fetching cryptocurrency prices. This suggests a broader trend of leveraging popular libraries to deliver malware, which poses heightened risks to software developers.

In a notable shift, malicious actors are now incorporating artificial intelligence tools into their malicious code, as demonstrated by a series of PyPI packages that masked infostealer payloads within malicious machine learning models. These packages, published for a brief period, managed to accumulate significant downloads before being taken down.

Overall, the findings reiterate the pressing need for vigilance and robust security measures in the software supply chain. The evolving landscape of threats necessitates a proactive approach to mitigate the risks associated with third-party package integrations in development environments.