Maintainers of the Python Package Index (PyPI) have removed several malicious packages that were designed to steal sensitive information from users, such as credit card numbers and Discord tokens.
The packages were published under different usernames and amassed over 30,000 downloads.
This week, researchers from JFrog – Andrey Polkovnichenko, Omer Kaspi, and Shachar Menashe – found several malicious Python packages on the PyPI registry. Most of the packages were designed to steal Discord tokens, passwords, and web browser files, though some of them provide attackers with special code execution capabilities.
The researchers say all of the packages in the list use simple obfuscation techniques, which are similar to those used by most novice hackers, and are base64-encoded.
However, the researchers found that the aryi and suffer packages, which targeted users of Android devices, were obfuscated with PyArmor instead.
Although these packages are no longer available on PyPI, archived copies were still stored in Sonatype's anti-malware systems, so the researchers were able to analyze them. They reported that the noblesse family of malware, which claimed to be optimization packages, could capture screenshots, the Windows version and license key, the IP address, the computer name and user name, and more.
In addition, the noblesse family included various packages that stole the user's Discord tokens and web-browser autocomplete files containing their credit card numbers. The functionality (though not the code) is similar to the npm Discord stealers discovered earlier.
“An authentication token allows the attacker to impersonate the user that originally held the token (similar to HTTP session cookies). The payload stealing the tokens is based on the infamous dTGPG (Discord Token Grabber Payload Generator) payload. This is a generator tool that was never released publicly, but the payloads (the individualized token grabbers) are shared publicly, and some examples were also uploaded to GitHub,” stated the researchers.
Another strand of malware from these packages was aimed at gathering system information.
The pythagora package, meanwhile, had a base64-encoded payload inserted into its Pythagorean theorem formula. The payload sends HTTP requests to a private IP address on TCP port 9009 and listens for incoming commands.
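As an added example (not code from JFrog's report or from the packages themselves), the kind of static check a defender can run over a package's source before installing it: it walks the AST for exec/eval/compile calls whose argument is fed by a base64-style decode, the pattern behind the simple obfuscation and the formula-hidden payload described above, and previews the decoded text when the blob is a literal or a module-level constant. The sample source is constructed and harmless.

```python
import ast
import base64
import binascii

# Constructed, harmless sample in the style described: an innocuous formula next to
# a base64 blob that is decoded and passed to exec(). Not the real payload.
SAMPLE_SOURCE = '''
import base64, math
def hypotenuse(a, b):
    return math.sqrt(a**2 + b**2)
_p = "cHJpbnQoJ2hlbGxvJyk="
exec(base64.b64decode(_p))
'''

EXEC_LIKE = {"exec", "eval", "compile"}
DECODE_LIKE = {"b64decode", "b32decode", "b16decode", "decodebytes"}


def _calls_named(node, names):
    """Yield ast.Call nodes under `node` whose callee name (bare or attribute) is in `names`."""
    for sub in ast.walk(node):
        if isinstance(sub, ast.Call):
            fn = sub.func
            name = fn.id if isinstance(fn, ast.Name) else getattr(fn, "attr", None)
            if name in names:
                yield sub


def find_encoded_exec(source):
    """Return [(lineno, decoded_preview_or_None)] for each exec/eval/compile call
    whose argument tree contains a base64-style decode. The preview is recovered
    only when the decode argument is a string literal or a module-level constant."""
    tree = ast.parse(source)
    consts = {}  # simple NAME = "literal" assignments, used to resolve the blob
    for n in ast.walk(tree):
        if isinstance(n, ast.Assign) and isinstance(n.value, ast.Constant):
            for t in n.targets:
                if isinstance(t, ast.Name):
                    consts[t.id] = n.value.value
    hits = []
    for call in _calls_named(tree, EXEC_LIKE):
        for dec in _calls_named(call, DECODE_LIKE):
            preview = None
            if dec.args:
                arg = dec.args[0]
                raw = arg.value if isinstance(arg, ast.Constant) else consts.get(getattr(arg, "id", None))
                if isinstance(raw, str):
                    try:
                        preview = base64.b64decode(raw, validate=True).decode("utf-8", "replace")
                    except binascii.Error:
                        preview = None  # not valid base64; still report the exec-of-decode
            hits.append((call.lineno, preview))
    return hits


if __name__ == "__main__":
    for lineno, preview in find_encoded_exec(SAMPLE_SOURCE):
        print(f"line {lineno}: exec of decoded payload -> {preview!r}")
```

Run it against an unpacked sdist or wheel (the .py files) rather than the installed package, so nothing in the package executes during the scan.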