Malicious PyPI Packages Use Compiled Python Code to Bypass Detection

Written by

Security researchers at ReversingLabs have discovered a novel attack that used compiled Python code to evade detection. 

According to ReversingLabs reverse engineer Karlo Zanki, this could be the first instance of a supply chain attack capitalizing on the direct execution capability of Python byte code (PYC) files.

The method introduces another supply chain vulnerability for the future, as most security tools solely scan Python source code (PY) files, making them susceptible to missing such attacks. Zanki said it coincides with an increase in harmful submissions to the Python Package Index (PyPI).

Read more on malicious PyPI packages: Researchers Uncover 7000 Malicious Open Source Packages

ReversingLabs also said it reported the discovered package, fshec2, to the PyPI security team, who acknowledged that it was a previously unseen attack and removed it from the PyPI repository the same day.

“This is a fascinating new variation of the more common supply chain attack, where a threat actor drops a malicious library into a public repository,” explained Mike Parkin, Senior Technical Engineer at Vulcan Cyber.

“It’s utilizing some techniques that will help it evade existing security tools, which may be problematic until the tools are updated to handle compiled Python code.”

In fact, the attackers used a unique loading technique that employed the Importlib module to avoid detection. 

“This obfuscation technique allows the compiled code to get past security scanners. Catching this type of code requires static analysis of the source code, which is difficult, if not impossible, because it is compiled,” commented Timothy Morris, chief security advisor at Tanium.

The malware then had a command-and-control (C2) infrastructure that allowed it to evolve by downloading new commands from a remote server.

The ReversingLabs team also found misconfigurations in the attacker’s web host, which provided insights into the malware’s capabilities. According to the company’s advisory, the attack infected at least two targets, harvesting usernames, hostnames and directory listings.

“The novelty of the PyPi malware that ReversingLabs identified reminds me of some of the characteristics of a DLL hijack – essentially where rogue code can be loaded by a trusted application,” said Andrew Barratt, vice president at Coalfire.

“The troubling part is that we’ve got attackers deliberately targeting code repositories with these techniques clearly looking for a mass deployment vector which starts to feel like the precursor to a ransomware campaign.”

The ReversingLabs discovery comes weeks after Cyble shed light on a separate malicious PyPI with information-stealing capabilities.

Editorial image credit: Trismegist san /

What’s hot on Infosecurity Magazine?