A malicious Python package on the Python Package Index (PyPI) repository has been found to use Unicode as a trick to evade detection and deploy an info-stealing malware.
The package in question, named onyxproxy, was uploaded to PyPI on March 15, 2023, and comes with capabilities to harvest and exfiltrate credentials and other valuable data. It has since been taken down, but not before attracting a total of 183 downloads.
According to software supply chain security firm Phylum, the package incorporates its malicious behavior in a setup script that is packed with thousands of seemingly legitimate code strings.
These strings include a mix of bold and italic fonts and are still readable and can be parsed by the Python interpreter, only to trigger the execution of the stealer malware upon installation of the package.
“An obvious and immediate benefit of this bizarre scheme is readability,” the company noted. “Moreover, these visible differences do not prevent the code from running, which it does.”
This is made possible by the use of Unicode variants of what appears to be the same character (aka homoglyphs) to camouflage its true colors (e.g., self vs. 𝘀𝘦𝘭𝘧) among innocuous-looking functions and variables: the Python parser normalizes every identifier to its NFKC form, so the look-alike spelling and the plain ASCII name refer to the same variable.
The use of Unicode to inject vulnerabilities into source code was previously disclosed by Cambridge University researchers Nicholas Boucher and Ross Anderson in an attack technique dubbed Trojan Source.
What the technique lacks in sophistication, it makes up for by creating a novel piece of obfuscated code, despite exhibiting telltale signs of copy-paste efforts from other sources.
The development highlights continued attempts on the part of threat actors to find new ways to slip past string-matching based defenses, leveraging “how the Python interpreter handles Unicode to obfuscate their malware.”
On a related note, Canadian cybersecurity company PyUp detailed the discovery of three new fraudulent Python packages – aiotoolbox, asyncio-proxy, and pycolorz – that were downloaded cumulatively over 1,000 times and designed to retrieve obfuscated code from a remote server.
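The following is an added example, not code from the article or from Phylum, illustrating two points made above: why the interpreter treats `𝘀𝘦𝘭𝘧` as `self`, and how a reviewer can catch such identifiers before a string-matching scanner is fooled by them. The sample source is constructed for the demonstration (it is not the onyxproxy setup script); the detection tokenizes the file and compares each identifier with its NFKC-normalized form, which is exactly the mapping the Python parser applies.

```python
import io
import tokenize
import unicodedata

# Build a "url" look-alike from Mathematical Bold small letters so the sample
# does not depend on how an editor renders the glyphs (constructed value).
URL_HOMOGLYPH = "".join(
    unicodedata.lookup(f"MATHEMATICAL BOLD SMALL {c}") for c in "URL"
)

# Constructed sample source: the parameter "self" is spelled with the
# sans-serif Unicode letters quoted in the article and "url" with the bold
# letters built above. A plain grep for "self" or "url" misses both spellings.
SAMPLE_SOURCE = (
    "class Loader:\n"
    "    def run(𝘀𝘦𝘭𝘧, " + URL_HOMOGLYPH + "):\n"
    "        return 𝘀𝘦𝘭𝘧.fetch(url)\n"
)


def interpreter_normalizes_identifiers() -> bool:
    """Show why the trick works: the parser NFKC-normalizes every identifier
    (PEP 3131), so assigning to the look-alike name binds plain 'self'."""
    namespace = {}
    exec("𝘀𝘦𝘭𝘧 = 1", namespace)
    return namespace.get("self") == 1


def find_homoglyph_identifiers(source: str):
    """Tokenize the source and return (line, col, raw, normalized) for every
    NAME token containing non-ASCII characters. The normalized field is the
    identifier the interpreter will actually use, so it is the string that
    a string-matching rule should be compared against."""
    findings = []
    for tok in tokenize.generate_tokens(io.StringIO(source).readline):
        if tok.type != tokenize.NAME or tok.string.isascii():
            continue
        normalized = unicodedata.normalize("NFKC", tok.string)
        findings.append((tok.start[0], tok.start[1], tok.string, normalized))
    return findings


def normalized_names(source: str) -> set:
    """The set of ASCII identifiers hidden behind Unicode look-alikes."""
    return {norm for _, _, _, norm in find_homoglyph_identifiers(source)}


if __name__ == "__main__":
    print("interpreter folds look-alikes:", interpreter_normalizes_identifiers())
    for line, col, raw, norm in find_homoglyph_identifiers(SAMPLE_SOURCE):
        print(f"line {line} col {col}: {raw!r} -> {norm!r}")
```

Running the block on the constructed sample reports three non-ASCII identifiers that normalize to `self` and `url`. In a package review pipeline the same tokenizer pass can be run over every `.py` file in an sdist (including `setup.py`), flagging any file whose non-ASCII identifiers normalize to ordinary ASCII names, since legitimate non-English identifiers keep a non-ASCII form after normalization while look-alike spellings collapse to ASCII.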