Researchers at Positive Technologies have uncovered malicious packages posing as DeepSeek on the Python Package Index (PyPI). The packages look innocuous but are loaded with infostealers, putting developers at risk of having sensitive data compromised. The experts are cautioning developers to be vigilant, as other platforms may also be hosting fake and harmful DeepSeek packages.
The malicious packages, named “deepseekai” and “deepseeek,” were identified by researchers at Positive Technologies as part of the deceptive campaign. The attackers behind this scheme targeted developers, machine learning engineers, and AI enthusiasts who were looking to integrate DeepSeek into their systems. The account responsible for the attack, “bvk,” was created in June 2023 and remained inactive until January 29, when the malicious campaign was launched. Upon execution, the packages dropped infostealers aimed at pilfering crucial data such as API keys, database credentials, and permissions.
Although the malicious PyPI packages have since been removed, it was discovered that they had been downloaded 36 times via the pip package manager and the bandersnatch mirroring tool, and 186 times through the browser, alerting researchers to the potential scope of the threat. Tim Erlin, Vice President of Product at Wallarm, highlighted the significance of the incident, emphasizing the need for caution when engaging with popular activities, such as installing PyPI packages, to avoid falling victim to cyber threats.
Mike McGuire, Senior Security Solutions Manager at Black Duck, stressed the importance of being observant and raising red flags when dealing with accounts of questionable reputation, especially in situations like the DeepSeek package debacle. Despite the sophistication attributed to DeepSeek, the attack itself was deemed relatively low-tech by Michael Lieberman, CTO at Kusari, underscoring the effectiveness of typosquatting attacks that prey on developer oversight.
Researchers also uncovered evidence suggesting that the threat actors used AI to write the malicious code, highlighting the intersection of AI and cybercrime. Erlin reiterated the likelihood of encountering similar malicious packages across diverse platforms and warned developers to brace for an increase in the volume of malicious code being disseminated.
To counter these emerging threats, Raj Mallempati, CEO of BlueFlag Security, advised developers to adopt robust security protocols throughout the software development lifecycle. This entails employing software composition analysis tools, automated vulnerability scanning, and exercising caution when working with unverified packages. Mallempati also stressed the need for developers to verify package names and sources, and to use dependency scanning tools like GitHub Dependabot to mitigate the risks of downloading malicious packages.
The recent incident serves as a stark reminder for developers to remain vigilant and proactive in safeguarding their environments against evolving cyber threats. By staying abreast of best security practices and implementing effective countermeasures, developers can fortify their defenses against malicious actors seeking to exploit vulnerabilities in the digital landscape.