Malicious Update Detected in Python Package "aiocpa"

Quick take - On November 20, 2024, Phylum’s automated risk detection platform discovered a malicious update in the “aiocpa” package on PyPI, which was designed to steal private keys through obfuscated code, highlighting the need for enhanced security measures in open source software.

Fast Facts

  • On November 20, 2024, Phylum’s automated risk detection platform identified a malicious update (version 0.1.13) in the “aiocpa” package on PyPI, designed for Crypto Pay API interactions.
  • The malicious code was crafted to steal private keys and transmit them via Telegram whenever the crypto library was initialized, while the GitHub repository remained free of the harmful code.
  • The obfuscated payload was recursively encoded and compressed 50 times, complicating detection and enabling the exfiltration of sensitive information upon package execution.
  • The incident highlights the importance of scanning actual package code rather than relying solely on the cleanliness of source repositories, as past safety does not guarantee future security.
  • Key indicators of compromise include a Telegram Bot Token, Telegram Chat ID, and specific SHA256 hashes for the affected package versions, emphasizing the need for robust security measures in open source software.

Malicious Update Discovered in Python Package Index

On November 20, 2024, an automated risk detection platform operated by Phylum identified a malicious update in the Python Package Index (PyPI) package “aiocpa.” The package is a tool designed for both synchronous and asynchronous interactions with a Crypto Pay API.

Details of the Malicious Update

The malicious update, version 0.1.13, included code specifically crafted to steal private keys. The code transmitted these keys through Telegram whenever the crypto library was initialized. The attacker managed to publish this harmful update while keeping the GitHub repository associated with the package free of the malicious code. This was a deliberate strategy aimed at evading detection.

The “aiocpa” package was first introduced in August 2024 and gained considerable popularity in the months leading up to the incident, accumulating 17 GitHub stars and nearly 4,000 downloads. Upon installation and execution of the package, the malicious code would activate. The code was embedded as an obfuscated payload, recursively encoded and compressed 50 times, making it particularly challenging to detect.
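The layered encoding described above is a shape an analyst can unwrap mechanically. The following is an added example written for this summary, not code from the article, from Phylum, or from the aiocpa package: it builds a constructed blob nested 50 times in zlib + base64, peels the layers with a size cap per stage (nested compression is also a decompression-bomb vector), and reports layer depth together with a few string markers. The marker names, the `SUSPICIOUS_PATTERNS` table and the sample inner text are assumptions made for the demo; the real payload's encoding scheme and inner content are not given on the page.

```python
import base64
import re
import zlib

# Cap on the inflated size of any single stage: never inflate without a bound.
MAX_STAGE_BYTES = 1_000_000

# Markers an analyst would want flagged in a decoded stage (assumed table).
# The Telegram API host reflects the exfiltration channel reported for this
# incident; the others are generic signs of runtime code loading and
# constructor tampering.
SUSPICIOUS_PATTERNS = {
    "telegram_bot_api": r"api\.telegram\.org",
    "constructor_hook": r"__init__",
    "dynamic_exec": r"\b(?:exec|eval)\s*\(",
}


def wrap_layers(data: bytes, layers: int) -> bytes:
    """Constructed helper: nest `data` in `layers` rounds of zlib + base64.

    Only used to build the sample blob below; it models the 'recursively
    encoded and compressed' shape the article describes, not the real scheme.
    """
    for _ in range(layers):
        data = base64.b64encode(zlib.compress(data))
    return data


def _inflate_bounded(data: bytes) -> bytes:
    """zlib-inflate `data`, refusing stages that exceed MAX_STAGE_BYTES."""
    d = zlib.decompressobj()
    out = d.decompress(data, MAX_STAGE_BYTES)
    if d.unconsumed_tail or not d.eof:
        raise ValueError("stage exceeds size cap or is truncated")
    return out


def peel_layers(blob: bytes, max_layers: int = 200) -> tuple[bytes, int]:
    """Strip base64+zlib layers until one no longer parses.

    Returns (innermost bytes, number of layers removed).
    """
    current, depth = blob, 0
    while depth < max_layers:
        try:
            decoded = base64.b64decode(current, validate=True)
            inflated = _inflate_bounded(decoded)
        except (ValueError, zlib.error):  # binascii.Error subclasses ValueError
            break
        current, depth = inflated, depth + 1
    return current, depth


def scan_payload(blob: bytes) -> dict:
    """Unwrap a candidate blob and report layer depth plus marker hits."""
    plaintext, depth = peel_layers(blob)
    text = plaintext.decode("utf-8", errors="replace")
    hits = sorted(name for name, pat in SUSPICIOUS_PATTERNS.items() if re.search(pat, text))
    # Legitimate code is rarely wrapped more than once or twice, so deep
    # nesting is itself a signal even when no marker matches.
    return {"layers": depth, "hits": hits, "flagged": depth >= 3 or bool(hits)}


# Constructed sample: a harmless stand-in for a decoded stage, wrapped 50 times.
SAMPLE_INNER = (
    b"# constructed stand-in for a decoded stage; not the real payload\n"
    b"REPORT_URL = 'https://api.telegram.org/bot<TOKEN-PLACEHOLDER>/sendMessage'\n"
)
SAMPLE_BLOB = wrap_layers(SAMPLE_INNER, 50)

if __name__ == "__main__":
    print(scan_payload(SAMPLE_BLOB))
```

Run against a string literal pulled out of a package's `__init__.py` or a module that is conspicuously larger than its repository counterpart; a result with dozens of layers deserves a manual look regardless of which markers fire. The per-stage cap matters because each stage is inflated in memory before the next is decoded.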

Implications for Open Source Security

The payload manipulates the constructor of the class within the package, enabling the exfiltration of private keys and other sensitive arguments whenever the constructor is called. The absence of the obfuscated payload in the GitHub repository suggests an effort to maintain a façade of legitimacy. This incident highlights critical lessons regarding the security landscape of open source software, emphasizing the necessity for developers and users to scan the actual code within packages. Relying solely on the cleanliness of source repositories is insufficient, and a package’s safety history does not guarantee its future security.
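Checking the package you actually install against the repository it claims to come from is a routine a team can automate. The following is an added example, not code from the article, from Phylum, or from the aiocpa project: it hashes every file in a repository checkout and in an unpacked release, then reports files that exist only in the release, only in the repository, or differ between the two. The directory layout, file contents and ignore list are constructed for the demo; the package name is used only as a label.

```python
import hashlib
import tempfile
from pathlib import Path

# Paths that packaging legitimately adds or that never ship; skipped so the
# report focuses on code. Extend this for a project's own generated files.
IGNORED_PARTS = {".git", "__pycache__", "PKG-INFO"}


def hash_tree(root: Path) -> dict[str, str]:
    """Map every file under `root` (relative POSIX path) to its SHA-256."""
    digests: dict[str, str] = {}
    for path in sorted(root.rglob("*")):
        if not path.is_file():
            continue
        rel = path.relative_to(root)
        if any(p in IGNORED_PARTS or p.endswith(".egg-info") for p in rel.parts):
            continue
        digests[rel.as_posix()] = hashlib.sha256(path.read_bytes()).hexdigest()
    return digests


def compare_trees(repo: Path, package: Path) -> dict[str, list[str]]:
    """Report files only in the release, only in the repo, or changed."""
    repo_h, pkg_h = hash_tree(repo), hash_tree(package)
    common = repo_h.keys() & pkg_h.keys()
    return {
        "only_in_package": sorted(pkg_h.keys() - repo_h.keys()),
        "only_in_repo": sorted(repo_h.keys() - pkg_h.keys()),
        "modified": sorted(p for p in common if repo_h[p] != pkg_h[p]),
    }


def build_demo() -> dict[str, list[str]]:
    """Constructed demo: a minimal repo checkout and an unpacked release that diverge."""
    with tempfile.TemporaryDirectory() as tmp:
        repo, pkg = Path(tmp, "repo"), Path(tmp, "release")
        for d in (repo, pkg):
            (d / "aiocpa").mkdir(parents=True)
            (d / "aiocpa" / "__init__.py").write_text("from .client import Client\n")
        client_src = "class Client:\n    def __init__(self, token):\n        self.token = token\n"
        (repo / "aiocpa" / "client.py").write_text(client_src)
        # The release carries an extra line and an extra module the repo never had.
        (pkg / "aiocpa" / "client.py").write_text(
            client_src + "# constructed: line present only in the release\n"
        )
        (pkg / "aiocpa" / "_stage.py").write_text(
            "# constructed: module present only in the release\n"
        )
        (pkg / "PKG-INFO").write_text("Name: aiocpa\n")  # packaging metadata, ignored
        return compare_trees(repo, pkg)


if __name__ == "__main__":
    for kind, files in build_demo().items():
        print(f"{kind}: {files}")
```

In practice, compare the unpacked sdist or wheel for the exact version you pin against the repository checked out at the tag for that version; an sdist legitimately contains generated files, so the output is a triage list rather than a verdict. Any entry under `only_in_package` or `modified` that touches importable code, and especially a module's `__init__.py` or a class constructor, is the one to read first.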

The identity of the perpetrator behind the malicious update remains unknown, raising concerns about accountability in the open source community. In light of these events, the need for heightened vigilance is apparent, and robust security measures are essential when utilizing open source dependencies.

Key Indicators of Compromise

Key indicators of compromise (IOCs) related to this incident have been identified, including a Telegram Bot Token and Telegram Chat ID. Specific SHA256 hashes for the affected package versions are also noted.

Original Source: Read the Full Article Here