Kaspersky’s Global Research and Analysis Team (GReAT) has recently uncovered a sophisticated supply chain attack targeting the Python Package Index (PyPI).
The attack, which remained undetected for nearly a year, involved malicious packages masquerading as AI chatbot tools to distribute a modified version of the JarkaStealer malware.
Leonid Bezvershenko, a security researcher at Kaspersky GReAT, led the discovery of two malicious packages named ‘gptplus’ and ‘claudeai-eng’ on PyPI.
.webp)
These packages, uploaded in November 2023, cleverly mimicked tools for working with popular AI language models ChatGPT and Claude.
Researcher observed that the packages’ descriptions included convincing usage examples, such as creating chats and sending messages to language models, to lure unsuspecting developers.
Maximizing Cybersecurity ROI: Expert Tips for SME & MSP Leaders – Attend Free Webinar
Technical Analysis
To maintain the illusion of legitimacy, the threat actors implemented interactions with a demo proxy of ChatGPT.
However, upon importing these packages, a hidden process would execute Base64-encoded data, downloading a JAR file named JavaUpdater.jar from a GitHub repository.
.webp)
This file contained a version of JarkaStealer, a potent malware capable of stealing browser data, capturing screenshots, collecting system information, and extracting session data from various applications including Telegram, Discord, and Steam.
The malicious packages received over 1,700 downloads across more than 30 countries before their discovery and removal. The highest activity was reported in the United States, China, France, Germany, and Russia, although the campaign did not appear to target any specific organization or geographic region.
.webp)
Kaspersky’s investigation revealed that JarkaStealer is being distributed under a Malware-as-a-Service (MaaS) model through a Telegram channel and bot shop. The malware’s source code was also found leaked on GitHub, potentially enabling wider deployment by malicious actors.
.webp)
Bezvershenko highlighted the importance of implementing strict verification and integrity checks to ensure the legitimacy and security of software and dependencies, particularly when dealing with emerging technologies like AI.
Kaspersky has reported its findings to PyPI, leading to the removal of the malicious packages. The cybersecurity firm continues to actively monitor for similar threats to safeguard the software supply chain.
Are you from SOC/DFIR Teams? – Analyse Malware Files & Links with ANY.RUN -> Try for Free