Pretend Python packages prey on poor typing

Typosquatting attack hits the PyPI registry

The Slovakian National Security Authority on Thursday warned that PyPI, the repository for Python software packages, has been hosting malicious software libraries.

The group's cybersecurity division, SK-CSIRT, identified 10 fake libraries designed to dupe developers through typosquatting. The names of the malicious libraries are almost identical to legitimate libraries, in the hope that fat-fingered command-line typing will summon the compromised code.

Typosquatting sounds like an unlikely method to spread much malware, but the effectiveness of the technique was demonstrated in 2016 by Nikolai Tschacher, who was an undergraduate student at the University of Hamburg at the time.

For his bachelor's thesis, Tschacher explored the feasibility of typosquatting attacks on programming language package registries, specifically Python's PyPI, Node.JS's npm and Ruby's gem.

By creating 214 versions of popular packages with misspelled names (eg, "reqeusts" instead of Python's "requests"), he was able to distribute thousands of fake code libraries.

Malware creators have taken the lesson to heart. For two weeks in July, npm hosted about 40 malicious Node.js packages. And in a similarly developer-focused attack, a Chrome extension developer's account was hijacked, which allowed the attacker to poison trusted code.

The risk of compromised software package registries has been known for several years, but efforts to reduce this risk have been lackluster.

SK-CSIRT said it notified PyPI administrators who have removed the 10 compromised packages, identified as follows:


– acqusition (uploaded 2017-06-03 01:58:01, impersonates acquisition)
– apidev-coop (uploaded 2017-06-03 05:16:08, impersonates apidev-coop_cms)
– bzip (uploaded 2017-06-04 07:08:05, impersonates bz2file)
– crypt (uploaded 2017-06-03 08:03:14, impersonates crypto)
– django-server (uploaded 2017-06-02 08:22:23, impersonates django-server-guardian-api)
– pwd (uploaded 2017-06-02 13:12:33, impersonates pwdhash)
– setup-tools (uploaded 2017-06-02 08:54:44, impersonates setuptools)
– telnet (uploaded 2017-06-02 15:35:05, impersonates telnetsrvlib)
– urlib3 (uploaded 2017-06-02 07:09:29, impersonates urllib3)
– urllib (uploaded 2017-06-02 07:03:37, impersonates urllib3)

These packages have been downloaded multiple times since they were first uploaded in June 2017, SK-CSIRT said.

The cybersecurity group said the attack's success depends upon developers or system administrators failing to thoroughly check the names of the packages they're installing. The group also blamed it on the "pip" tool, which does not require any cryptographic signature and is designed to execute arbitrary code during package installation.

The malicious code itself does not appear to be particularly harmful. According to SK-CSIRT, it sends only the following data to a report server:

  • The name and version of the fake package
  • The username of the person who authorized the installation
  • The hostname

The group provided the following terminal command to search for the presence of compromised packages:

pip list –format=legacy | egrep '^(acqusition|apidev-coop|bzip|crypt|django-server|pwd|setup-tools|telnet|urlib3|urllib)'

Concerned admins may also want to scour their logs for connections to 121.42.217.44, port 8080, which would indicate that at least one of the fake packages had been installed. ®


Biting the hand that feeds IT © 1998–2017