Research & written by Sebastian Chnelik - PyUp Cybersecurity Intelligence Team

The PyUp Cybersecurity Intelligence team spends all day every day finding undiscovered or unpublished security vulnerabilities in over 400,000 Python packages available to the Python community.

One type of vulnerability in open source is typosquatting - a form of attack through naming or namespace confusion. A simple example would be a malicious attacker publishing a new package called "numpi" which acts exactly like the actual (and popular!) package "NumPy" does, but in addition, has some malicious code buried within it.

The presence of one of these malicious packages in your systems represents a severe threat. Impacts range from stealing your Discord Tokens to an attacker getting Remote Code Execution.

Wait, What Is Pytosquatting?

In this context, typosquatting consists in tricking users into using malicious software which is misspelled from the desired one. In short, a typo in the package's name. For example, a user may install 'Diango' instead of 'Django' by mistake. Another form of this is a package like "nmap-python" being confused for the actual package python-nmap.

Pytosquatting is typosquatting in the Python ecosystem in a precise way. In this ecosystem, install and import names can be different, which makes the risk of installing malicious or vulnerable code higher.

For example, beautifulsoup4 (a popular Python package) is installed using beautifulsoup4 but imported with the name bs4. Because of this difference, people (understandably) may mistakenly run pip install bs4, installing a different package entirely! Attackers have jumped onto this confusion possibility and published packages matching these import names.

_{Here we can see beautifulsoup4 is the install name but bs4 is the import name}

Our Cybersecurity team recently made a list of all reported malicious & pytosquatting packages in PyPI using OSINT.

Are These Pytosquatting Packages Still in PyPI?

No, they were immediately taken away from PyPI when reported. However, before this, many people downloaded them.

However, some of these packages were downloaded 10,000+ times and may still exist on systems worldwide.

_{dpp-client was installed 10,000+ times. This package tried to steal environment details from machines it was installed on.}

Supply Chain Attacks on the Rise

Typosquatting attacks don't affect only the Python ecosystem. Hundreds of malicious packages are discovered almost every week in NPM. RubyGems repository is also constantly targeted. According to Argon security firm, the number of software supply chain attacks tripled in 2021 compared to 2020.

What Should I Do?

Scan all your environments with PyUp's tools to deep scan your Python environments and verify there are no malicious packages. Use our Safety CI to catch vulnerabilities before code reaches production, and integrate our Safety command-line tools to protect your developer machines and CI/CD workflows. We spend every day researching Python dependency vulnerabilities so that you don't have to.

Here's the List

All the packages below are part of PyUp's Python Dependency Vulnerability Database (and many more).

Did you find a malicious package that isn't included? Please write to us at cybersecurity@pyup.io