March 30, 2022

List of Malicious and Pytosquatting Packages in PyPI

Researched and written by Sebastian Chnelik - PyUp Cybersecurity Intelligence Team

The PyUp Cybersecurity Intelligence team spends all day every day finding undiscovered or unpublished security vulnerabilities in over 400,000 Python packages available to the Python community.

One type of vulnerability in open source is typosquatting - a form of attack that relies on naming or namespace confusion. A simple example: an attacker publishes a new package called "numpi" that behaves exactly like the real (and popular!) package "NumPy" does, but in addition has malicious code buried within it.

The presence of one of these malicious packages in your systems represents a severe threat. Impacts range from theft of your Discord tokens to an attacker gaining Remote Code Execution.

Wait, What Is Pytosquatting?

In this context, typosquatting consists of tricking users into installing malicious software whose name is a misspelling of the one they wanted. In short, a typo in the package name. For example, a user may install 'Diango' instead of 'Django' by mistake. Another form of this is a package like "nmap-python" being confused with the actual package "python-nmap".

Pytosquatting is typosquatting specific to the Python ecosystem. Here, a package's install name and its import name can differ, which makes the risk of installing malicious or vulnerable code higher.

For example, beautifulsoup4 (a popular Python package) is installed with pip install beautifulsoup4 but imported under the name bs4. Because of this difference, people (understandably) may mistakenly run pip install bs4, installing a different package entirely! Attackers have jumped on this source of confusion and published packages whose names match these import names.

[Figure: beautifulsoup4 is the install name but bs4 is the import name]
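The checks described above (a misspelled install name, and an import name such as bs4 requested as if it were an install name) can be put into a small requirements audit. The following is an added example and is not PyUp's code or tooling; the blocklist is a constructed subset of the names in the list at the end of this post, and the import-name map and the list of popular packages are constructed for illustration and are far from complete.

```python
"""Audit a requirements file for typosquat and import-name confusion.

Added example, not PyUp's code or tooling. It applies three checks:
an exact match against names taken from this page's malicious-package
list, a map of import names whose install name differs (bs4 ->
beautifulsoup4), and a one-edit near-miss check against a short list of
popular packages. All reference sets below are constructed for
illustration and are far from complete.
"""
import re
from typing import Dict, List, Set, Tuple


def normalize(name: str) -> str:
    """PEP 503 normalisation: lowercase, runs of '-', '_' and '.' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


# Constructed subset of the page's malicious-package list (section "Here's the List").
KNOWN_MALICIOUS: Set[str] = {normalize(n) for n in (
    "diango", "djago", "dajngo", "djanga", "colourama", "urlib3", "mumpy",
    "nmap-python", "openvc", "smplejson", "jeIlyfish", "python3-dateutil",
)}

# Import name -> install name, for packages whose two names differ (constructed map).
IMPORT_TO_INSTALL: Dict[str, str] = {
    "bs4": "beautifulsoup4", "yaml": "pyyaml", "pil": "pillow", "cv2": "opencv-python",
}

# Constructed list of popular install names to compare against.
POPULAR: Set[str] = {normalize(n) for n in (
    "django", "numpy", "requests", "urllib3", "colorama", "matplotlib",
    "python-nmap", "simplejson", "jellyfish", "python-dateutil", "beautifulsoup4",
)}


def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: insert/delete/substitute plus adjacent
    transpositions, so 'dajngo' is one step from 'django' rather than two."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def audit_requirements(text: str) -> List[Tuple[str, str, str]]:
    """Return (normalised name, verdict, detail) for every suspicious requirement line."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):
            continue  # blank line, comment, or a pip option such as -r / -e
        m = re.match(r"[A-Za-z0-9][A-Za-z0-9._-]*", line)
        if not m:
            continue  # URLs and other non-name requirement forms are out of scope here
        name = normalize(m.group(0))
        if name in POPULAR:
            continue
        if name in KNOWN_MALICIOUS:
            findings.append((name, "known-malicious", "listed in the malicious package table"))
        elif name in IMPORT_TO_INSTALL:
            findings.append((name, "import-name", "install name is " + IMPORT_TO_INSTALL[name]))
        else:
            closest = min(POPULAR, key=lambda p: osa_distance(name, p))
            if osa_distance(name, closest) <= 1:
                findings.append((name, "near-miss", "one edit away from " + closest))
    return findings


# Constructed requirements.txt; 'reqeusts' is a made-up name, not a known package.
SAMPLE_REQUIREMENTS = """\
# project dependencies (constructed sample)
django>=4.0
dajngo
bs4
mumpy==1.22.0
requests[socks]>=2.27 ; python_version >= "3.7"
colourama
reqeusts
-r other.txt
"""

if __name__ == "__main__":
    for name, verdict, detail in audit_requirements(SAMPLE_REQUIREMENTS):
        print(f"{name:12} {verdict:16} {detail}")
```

To run it against a real file, read its contents into audit_requirements in place of SAMPLE_REQUIREMENTS. The near-miss check deliberately skips names that are themselves popular, so legitimate packages one letter apart (for example "urllib3" when "urllib3" is requested) are not flagged; the value of the check depends entirely on how complete the popular and blocklist sets are, which is why a maintained vulnerability database is needed in practice.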

Our Cybersecurity team recently compiled, using OSINT, a list of all reported malicious and pytosquatting packages in PyPI.

Are These Pytosquatting Packages Still in PyPI?

No, they were removed from PyPI as soon as they were reported. Before that happened, however, many people downloaded them.

Some of these packages were downloaded 10,000+ times and may still be present on systems worldwide.

[Figure: dpp-client was installed 10,000+ times. This package tried to steal environment details from machines it was installed on.]

Supply Chain Attacks on the Rise

Typosquatting attacks are not limited to the Python ecosystem. Hundreds of malicious packages are discovered almost every week in NPM, and the RubyGems repository is constantly targeted as well. According to the security firm Argon, the number of software supply chain attacks tripled in 2021 compared to 2020.

What Should I Do?

Use PyUp's tools to deep-scan all your Python environments and verify that no malicious packages are present. Use our Safety CI to catch vulnerabilities before code reaches production, and integrate our Safety command-line tools to protect your developer machines and CI/CD workflows. We spend every day researching Python dependency vulnerabilities so that you don't have to.

Here's the List

All the packages below (and many more) are part of PyUp's Python Dependency Vulnerability Database.

Did you find a malicious package that isn't included? Please write to us at cybersecurity@pyup.io

| Package | Reference | Discovered Date |
|---|---|---|
| secbg | Sonatype | March 2022 |
| secrevtwo | | |
| aiohttp-proxies | | |
| azureml-contrib-jupyterrun | Sonatype | |
| azureml-contrib-reports | | |
| azure-cli-ml-preview | | |
| aml-ds-pipeline-contrib | | |
| azure-cli-ml-private-preview | | |
| azureml-contrib-optimization | | |
| sdk-cli-v2-public | | |
| sdk-cli-v2 | | |
| request.request | | |
| aiohttp-socks4 | | |
| collored | | |
| ipahttp | Sonatype | February 2022 |
| skale-allocator-cli | | |
| aiohttp-socks5 | | |
| pmpo | | |
| testing-pip-confusion | | |
| humanqueenn | Security Boulevard | |
| humanqueen | | |
| easyfuncsys | | |
| xss | | |
| aws-login0tool | Medium | December 2021 |
| dpp-client1234 | | |
| dpp-client | | |
| yiffparty | The Hacker News | November 2021 |
| yandex-yt | | |
| 10Cent11 | | |
| 10Cent10 | | |
| trrfab | | |
| DiscordSafety | | |
| owlmoon | | |
| ipboards | | |
| pptest | | |
| important-package | | |
| botaa3 | Sonatype | |
| importantpackage | The Hacker News | |
| mitmproxy-iframe | Bleeping Computer | October 2021 |
| mitmproxy2 | | |
| noblessev2 | The Hacker News | July 2021 |
| noblesse2 | | |
| suffer | | |
| genesisbot | | |
| noblesse | | |
| pytagora2 | | |
| pytagora | | |
| aryi | Bleeping Computer | |
| learninglib | Bleeping Computer | June 2021 |
| mplatlib | | |
| mllearnlib | | |
| matplatlib-plus | | |
| maratlib1 | | |
| maratlib | | |
| jeIlyfish | Zdnet | December 2019 |
| python3-dateutil | | |
| libari | Zdnet | July 2019 |
| libpesh | | |
| libpeshnx | | |
| virtualnv | rsc-dev | December 2018 |
| smb | | |
| python-sqlite | | |
| python-openssl | | |
| python-mysqldb | | |
| python-mysql | | |
| python-mongo | | |
| pythonkafka | | |
| python-ftp | | |
| openvc | | |
| nmap-python | | |
| mumpy | | |
| junkeldat | | |
| distrib | | |
| pyconau-funtimes | Zdnet | October 2018 |
| dajngo | | |
| djago | | |
| diango | | |
| timeit | | |
| pkgutil | | |
| smplejson | | |
| mybiubiubiu | | |
| libpeshka | | |
| easyinstall | | |
| djanga | | |
| colourama | | |
| ssh-decorate* | Bleeping Computer | May 2018 |
| urllib | SK-CSIRT | September 2017 |
| urlib3 | | |
| telnet | | |
| setup-tools | | |
| pwd | | |
| django-server | | |
| crypt | | |
| bzip | | |
| apidev-coop | | |
| acqusition | | |