Backdoored Python Libraries

Researchers have discovered a number of malicious Python packages in the official third-party software repository that are engineered to exfiltrate AWS credentials and environment variables to a publicly exposed endpoint.

The list of packages includes loglib-modules, pyg-modules, pygrata, pygrata-utils, and hkg-sol-utils, according to Sonatype security researcher Ax Sharma. The packages and as well as the endpoint have now been taken down.

"Some of these packages either contain code that reads and exfiltrates your secrets or use one of the dependencies that will do the job," Sharma said.


The malicious code injected into "loglib-modules" and "pygrata-utils" allow the packages to harvest AWS credentials, network interface information, and environment variables and export them to a remote endpoint: "hxxp://graph.pygrata[.]com:8000/upload."

Troublingly, the endpoints hosting this information in the form of hundreds of .TXT files were not secured by any authentication barrier, effectively permitting any party on the web to access these credentials.

It's noteworthy that packages like "pygrata" use one of the aforementioned two modules as a dependency and do not harbor the code themselves. The identity of the threat actor and their motives remain unclear.

AWS Secrets and Keys

"Were the stolen credentials being intentionally exposed on the web or a consequence of poor OPSEC practices?," Sharma questioned. "Should this be some kind of legitimate security testing, there surely isn't much information at this time to rule out the suspicious nature of this activity."

This is not the first time such rogue packages have been unearthed on open source repositories. Exactly a month back, two trojanized Python and PHP packages, named ctx and phpass, were uncovered in yet another instance of a software supply chain attack.

Fight AI with AI — Battling Cyber Threats with Next-Gen AI Tools

Ready to tackle new AI-driven cybersecurity challenges? Join our insightful webinar with Zscaler to address the growing threat of generative AI in cybersecurity.

Supercharge Your Skills

An Istanbul-based security researcher, Yunus Aydın, subsequently claimed responsibility for the unauthorized modifications, stating he merely wanted to "show how this simple attack affects +10M users and companies."

In a similar vein, a German penetration testing company named Code White owned up last month to uploading malicious packages to the NPM registry in a bid to realistically mimic dependency confusion attacks targeting its customers in the country, most of which are prominent media, logistics, and industrial firms.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.