What Happened?
In a startling revelation, cybersecurity researchers have discovered a series of malicious Python packages uploaded to PyPI (Python Package Index), the official repository for Python libraries. These packages were downloaded more than 39,000 times, spreading stealth malware to unsuspecting developers around the globe.
This campaign is part of a software supply chain attack, where attackers compromise commonly used third-party tools to infiltrate systems indirectly. In this case, the packages were designed to harvest sensitive information, including environment variables, login credentials, SSH keys, browser data, and even cryptocurrency wallet files.
This incident once again emphasizes the growing threat landscape surrounding open-source ecosystems, especially those as widely used as PyPI.

Which Packages Were Involved?
The malicious Python packages used a common trick known as typosquatting—slightly altering the names of popular or trustworthy packages to mislead users. Here are some of the reported packages:
pyobf2
pywool
easyhttprequest
pycolorz
These packages may appear harmless or even useful at first glance. However, the moment they are installed using pip
, they execute malicious post-install scripts that connect to remote servers and begin harvesting data silently.
Some of the attackers also disguised the packages with fake documentation, forged GitHub links, and copied descriptions from legitimate projects to increase credibility.
How the Attack Works
Let’s break down how this attack operates from installation to data theft:
1. Installation (via pip)
The user installs a malicious package using a simple command like:
bashCopyEditpip install pycolorz
Most users wouldn’t suspect anything wrong unless they carefully inspect the source.
2. Execution of Malicious Code
During installation, Python allows packages to include a setup.py
file that can execute arbitrary code. Attackers used this to:
- Run hidden scripts
- Drop executable payloads
- Start background processes
Some packages even dynamically downloaded more code from a command-and-control (C2) server, allowing attackers to update the payloads in real-time.
3. Data Harvesting
The malware was designed to:
- Extract browser credentials (from Chrome, Firefox, etc.)
- Read SSH config files and keys
- Scan for
.env
files with tokens and secrets - Locate crypto wallet data files
- Fingerprint the system (OS version, hostname, user privileges)
4. Data Exfiltration
The stolen data is sent to an external server, often using:
- HTTP POST requests
- Encrypted TCP connections
- Steganographic techniques (to hide data in images)
Some attackers used Discord webhooks or Telegram bots as exfiltration channels—a surprisingly common method in modern malware.
Real-World Impact: Why It’s a Big Deal
This isn’t just about a few developers downloading the wrong package.
Here’s why this attack matters:
1. Developers Hold Keys to the Kingdom
In many organizations, developers have direct access to:
- Internal servers
- Production APIs
- Source code repositories
- Deployment pipelines
Stealing credentials from a developer’s machine can provide a shortcut into corporate infrastructure, enabling further attacks like ransomware, data breaches, or even crypto theft.
2. Supply Chain Infiltration is Scalable
Instead of targeting one company, attackers can target thousands by simply publishing a fake package. With over 500,000 daily downloads on PyPI, even a short-lived malicious package can cause wide damage.
3. Difficulty in Detection
Since these malicious packages are distributed through legitimate channels (i.e., PyPI), traditional antivirus tools may not catch them immediately. It’s the trusted channel itself being weaponized, which makes detection and prevention far more challenging.
PyPI’s Response and Limitations
The PyPI security team acted quickly by removing the packages and banning associated accounts, but the underlying challenge remains: PyPI is open by design. Anyone can publish a package with minimal oversight.
While PyPI has implemented measures like:
- Requiring 2FA for maintainers
- Flagging suspicious uploads
- Introducing automated malware scanning
…it’s still playing catch-up with the scale and speed of malicious activity.
How to Stay Safe: Python Security Best Practices
Despite the growing threat, developers and teams can protect themselves by implementing some smart and practical strategies:
1. Double-Check Before Installing
Always verify package names and check the following before installing:
- Number of downloads
- GitHub repo link (does it exist and match the author?)
- Release history and update frequency
- Maintainer details and PyPI comments (if any)
Use trusted sources like libraries.io or OpenBase to investigate package legitimacy.
2. Use Static and Dynamic Scanners
Incorporate tools that automatically check for vulnerabilities:
- Bandit: Scans Python code for common security issues.
- Safety: Checks dependencies for known vulnerabilities.
- Sonatype OSS Index: CVE scanning for Python packages.
- Checkov: For security misconfigurations in IaC (Infrastructure-as-Code).
3. Isolate and Monitor with Virtual Environments
Use tools like venv
, virtualenv
, or Poetry
to isolate each project. Avoid system-wide installations that increase your blast radius in case of compromise.
You can also containerize your environment with Docker to further isolate dependencies.
4. Pin Package Versions and Audit Frequently
Use requirements.txt
with fixed versions (e.g., requests==2.31.0
) and periodically run:
bashCopyEditpip list --outdated
pip-audit
Conduct dependency audits monthly and before every major deployment.
5. Secure Your Developer Accounts
Many attacks begin with compromised GitHub or PyPI accounts. Secure them with:
- Strong passwords
- Two-factor authentication (2FA)
- GitHub’s
security.key
or SSH key authentication
Also, limit token exposure by using environment variables and secret managers like HashiCorp Vault, AWS Secrets Manager, or GitHub Encrypted Secrets.
6. Maintain a Software Bill of Materials (SBOM)
A Software Bill of Materials lists all packages, versions, and dependencies used in a project. This helps you:
- Track affected projects during zero-day events
- Understand dependency chains
- Respond faster during incidents
Use tools like CycloneDX
or Syft
to generate SBOMs.
Supply Chain Attacks Are Skyrocketing
According to a 2024 report by ReversingLabs, malicious package uploads to public repositories increased by over 800% since 2020. The average time before such packages are flagged or removed is still several days, giving attackers plenty of room to cause harm.
Conclusion: The Developer’s Role in Security
The attack involving malicious PyPI packages downloaded over 39,000 times is just one of many recent cases that show how vulnerable the modern software supply chain really is.
As a developer or tech leader, you must assume shared responsibility for security. By auditing dependencies, verifying sources, and using security tooling, you can turn your environment into a much harder target.
Open-source is powerful, but it’s only as secure as the people who use it responsibly.