[Python-Dev] SK-CSIRT identified malicious software libraries in the official Python package repository, PyPI
victor.stinner at gmail.com
Fri Sep 15 16:28:58 EDT 2017
Last week, the National Security Authority of Slovakia contacted the
Python Security Response Team (PSRT) to report that the Python Package
Index (PyPI) was hosting malicious packages. Installing these packages
send user data to a HTTP server, but also install the expected module
so it was an easy to notice the attack.
Kudos to them to report the issue!
It's not a compromise of the PyPI server nor a third-party project,
but the "typo squatting" issue which is known since at least June 2016
(for PyPI). The issue is not specific to Python, npmjs.com or
rubygems.org are vulnerable to the same issue.
For example, a malicious package used the names "urllib" (no 3) and
"urlib3" (1 L) instead of "urllib3" (2 L). These packages were
downloaded by users, so the attack was effective.
More information on typo squatting and Python package security:
The PRST contacted PyPI administrators and all identified packages
were taken down, only 1h10 after the PSRT received the email from the
National Security Authority of Slovakia!
The typo squatting issue is known and discussed, but not solution was
found yet. See for example this warehouse issue:
It seems like the consensus is that pip is not responsible to detect
malicious code, it's more the responsability of PyPI.
The problem is to decide how to detect malicious code and/or prevent
typo squatting on PyPI.
The issue has been discussed privately on the PSRT list last week. The
National Security Authority of Slovakia just published their advisory,
and a public discussion started on reddit:
I consider that it's now time to find a solution on the public
python-dev mailing list.
Let's try to find a solution!
Can we learn something from the Update Framework (TUF)?
with these security issues on their package manager?
See also my other notes on Python security and the list of known
More information about the Python-Dev