Full Report
Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index (PyPI) repository with bogus libraries masquerading as "time" related utilities, but harboring hidden functionality to steal sensitive data such as cloud access tokens. Software supply chain security firm ReversingLabs said it discovered two sets of packages totaling 20 of them. The packages
Analysis Summary
# Tool/Technique: Malicious PyPI Packages Stealing Cloud Tokens
## Overview
A collection of malicious packages uploaded to the Python Package Index (PyPI) repository. These packages masquerade as legitimate "time" related utilities but contain hidden functionality designed to steal sensitive data, specifically cloud access tokens associated with services like Alibaba Cloud, Amazon Web Services (AWS), and Tencent Cloud.
## Technical Details
- Type: Malware/Supply Chain Compromise (Infected Libraries)
- Platform: Python/PyPI Environment (Affecting users installing packages via `pip`)
- Capabilities: Information stealing, data exfiltration, dependency confusion possibilities (implied by supply chain context).
- First Seen: Commit referencing one package was made on November 8, 2023.
## MITRE ATT&CK Mapping
*Note: Specific TTPs are inferred based on the description of stealing and exfiltrating tokens.*
- **TA0010 - Exfiltration**
- T1041 - Exfiltration Over C2 Channel (Inferred, as data must be sent somewhere)
- **TA0009 - Collection**
- T1552 - Credentials from Web Session (Cloud tokens are credentials)
## Functionality
### Core Capabilities
- Masquerading as legitimate Python utilities, often related to timing functions.
- Installing malicious code during the package installation process (common in PyPI abuse campaigns).
- Stealing sensitive data, particularly cloud access tokens.
### Advanced Features
- Targeting multiple cloud providers (Alibaba Cloud, AWS, Tencent Cloud) via specialized client functionality packages.
- Some packages seem designed explicitly for data uploading to attacker infrastructure.
- The malicious packages were linked as dependencies to a visible GitHub project (`accesskey_tools`).
## Indicators of Compromise
*Note: Specific, unique file hashes or network indicators are not provided in the text.*
- File Hashes: [Not provided]
- File Names: **Packages identified include:** `snapshot-photo`, `time-check-server`, `time-check-server-get`, `time-server-analysis`, `time-server-analyzer`, `time-server-test`, `time-service-checker`, `aclient-sdk`, `acloud-client`, `acloud-clients`, `acloud-client-uses`, `alicloud-client`, `alicloud-client-sdk`, `amzclients-sdk`, `awscloud-clients-core`, `credential-python-sdk`, `enumer-iam`, `tclients-sdk`, `tcloud-python-sdks`, `tcloud-python-test`.
- Registry Keys: [Not applicable/Not provided]
- Network Indicators: Package functionality implies communication with external servers for C2 or exfiltration (defanged analysis is speculative: hxxp://attacker-infrastructure[.]com).
- Behavioral Indicators: Execution of malicious code during package initialization/installation; attempting to read configuration/token files; establishing outbound network connections to upload stolen data.
## Associated Threat Actors
- [Not explicitly named, but leveraging supply chain infiltration tactics.]
## Detection Methods
- Signature-based detection: Detection signatures targeting the known malicious package names.
- Behavioral detection: Monitoring installation scripts (`setup.py` or similar) for suspicious outbound network connections immediately post-installation, especially to unknown or newly registered domains. Analyzing file system access related to credential files.
- YARA rules: Rules targeting characteristic strings or code obfuscation within the installed package files.
## Mitigation Strategies
- Scrutinize and monitor external URLs found within dependency requirements files or installation scripts of third-party packages.
- Use private or verified package repositories where possible.
- Least privilege principle for execution environments installing packages from public repositories.
- Implement software dependency scanning tools that check package reputation and known malicious submissions.
## Related Tools/Techniques
- Other Software Supply Chain Attacks (e.g., NPM package abuse mentioned in the context).
- Credential Harvesting malware specific to cloud environments.
- Dependency Confusion attacks (though this scenario leans towards typosquatting/malicious code injection).