
Deceptive ChatGPT and Claude API Packages Distribute JarkaStealer


Two Python packages recently discovered on the Python Package Index (PyPI) have been found to contain an infostealer that could potentially affect thousands of victims. These packages were designed to integrate with popular chatbots, promising API access to advanced artificial intelligence capabilities, but instead delivered malware known as “JarkaStealer.”

The malicious packages, named “gptplus” and “claudeai-eng,” were created by a user with the username “Xeroline” on PyPI. Despite claiming to provide access to OpenAI’s GPT-4 Turbo large language model and to Claude, a competitor to OpenAI’s ChatGPT, the packages only offered limited functionality for interacting with the demo versions of the chatbots. This deceptive tactic was employed to make the packages appear legitimate to unsuspecting users.

Underneath the surface, the packages contained a JAR file that housed the JarkaStealer malware. JarkaStealer is an infostealer that is available for purchase on the Dark Web for as little as $20, with additional customization options available for a small fee. This malware is designed to steal data, capture screenshots, and extract session tokens from various popular applications like Telegram, Discord, and Steam.
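The hiding technique described above, a Java archive shipped inside what claims to be a pure-Python API client, is something a defender can check for before installing. The following script is an added example, not code from the article or from Kaspersky; it builds a constructed source distribution in memory (a stub package that bundles a minimal JAR under a neutral file name) and then scans it for embedded JARs by ZIP magic and manifest rather than by file extension, and for Python modules that combine subprocess use with a reference to a Java launcher. Package and file names are invented for the demonstration.

```python
import io
import tarfile
import zipfile

# Binary artifacts that have no business inside a thin HTTP API client.
SUSPICIOUS_EXTENSIONS = {".jar", ".exe", ".dll", ".so", ".class"}
ZIP_MAGIC = b"PK\x03\x04"


def looks_like_jar(data: bytes) -> bool:
    """A JAR is a ZIP archive that carries META-INF/MANIFEST.MF; check the
    bytes, not the name, so a renamed .jar is still caught."""
    if not data.startswith(ZIP_MAGIC):
        return False
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(n.upper() == "META-INF/MANIFEST.MF" for n in zf.namelist())
    except zipfile.BadZipFile:
        return False


def scan_sdist(sdist_bytes: bytes) -> list[dict]:
    """Walk every file in a .tar.gz sdist and return the members that look
    like an embedded payload or a launcher for one."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(sdist_bytes), mode="r:gz") as tar:
        for member in tar.getmembers():
            if not member.isfile():
                continue
            data = tar.extractfile(member).read()
            ext = "." + member.name.rsplit(".", 1)[-1].lower() if "." in member.name else ""
            reasons = []
            if ext in SUSPICIOUS_EXTENSIONS:
                reasons.append(f"binary extension {ext}")
            if looks_like_jar(data):
                reasons.append("embedded JAR archive (ZIP with META-INF/MANIFEST.MF)")
            # Heuristic: Python source that spawns a process and mentions java.
            if ext == ".py" and b"subprocess" in data and b"java" in data.lower():
                reasons.append("python module spawns a java process")
            if reasons:
                findings.append({"name": member.name, "reasons": reasons})
    return findings


# ---- constructed sample input (not a real package) ----------------------

def build_jar() -> bytes:
    """A minimal JAR: manifest plus one dummy class file (just the magic)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\nMain-Class: Stub\n")
        zf.writestr("Stub.class", b"\xca\xfe\xba\xbe" + b"\x00" * 16)
    return buf.getvalue()


def build_sample_sdist() -> bytes:
    """Hypothetical 'demo_api' sdist: a benign setup.py, a module that hands
    off to java, and the JAR stored under a neutral .dat name."""
    files = {
        "demo_api-1.0/setup.py":
            b"from setuptools import setup\nsetup(name='demo_api', version='1.0')\n",
        "demo_api-1.0/demo_api/__init__.py":
            b"import subprocess\n\ndef ask(prompt):\n"
            b"    subprocess.Popen(['java', '-jar', 'helper.dat'])\n"
            b"    return 'demo answer'\n",
        "demo_api-1.0/demo_api/helper.dat": build_jar(),
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


if __name__ == "__main__":
    for hit in scan_sdist(build_sample_sdist()):
        print(hit["name"], "->", "; ".join(hit["reasons"]))
```

The extension check alone would miss the sample, because the JAR is stored as helper.dat; the magic-and-manifest check is what flags it. For a real package, download the sdist with `pip download --no-binary :all: --no-deps <name>` and pass the bytes to scan_sdist before installing.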

Despite the malicious nature of these packages, they were able to remain on PyPI for over a year before being identified by researchers from Kaspersky. During that time, the packages were downloaded over 1,700 times across Windows and Linux systems in more than 30 countries, with the United States being the most heavily impacted.

However, an analysis of download statistics revealed that the popularity of these packages may have been artificially inflated. The packages experienced a significant drop in downloads after the initial surge, suggesting that the user behind them may have employed tactics to boost their popularity artificially. This tactic is commonly used by attackers to deceive users into trusting the legitimacy of their malicious software.

George Apostolopoulos, a founding engineer at Endor Labs, commented on the incident, noting that while security professionals recommend verifying the popularity of a package before downloading it, most users may not take this precaution. As a result, many unsuspecting individuals could have unknowingly installed the infected packages.
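Both the inflated-download pattern described two paragraphs above (a surge followed by a sharp drop) and the advice to verify a package's popularity before installing it can be turned into a concrete check. The following script is an added example, not code from the article or from Endor Labs; it works on a daily download series and flags the case where the peak day dwarfs the later baseline and most of the total volume sits in the first few days. The two series are constructed for the demonstration; for a real package you would fetch the daily counts from a source such as the pypistats.org JSON API and pass them in the same shape (oldest day first). Thresholds are assumptions, not published values.

```python
from statistics import median


def download_profile(daily: list[int], burst_days: int = 7) -> dict:
    """Summarise a daily download series, oldest day first."""
    if not daily:
        raise ValueError("empty series")
    burst, rest = daily[:burst_days], daily[burst_days:]
    peak = max(burst)
    peak_day = burst.index(peak)
    baseline = median(rest) if rest else 0
    total = sum(daily)
    return {
        "peak": peak,
        "peak_day": peak_day,
        # median of the post-burst period; 0 when the package is dead afterwards
        "baseline_median": baseline,
        # how much of all-time volume landed in the first burst_days days
        "burst_share": sum(burst) / total if total else 0.0,
        # peak relative to what the package sustains afterwards
        "peak_to_baseline": (peak / baseline) if baseline else float("inf"),
    }


def looks_inflated(daily: list[int], burst_days: int = 7,
                   ratio_threshold: float = 20.0,
                   share_threshold: float = 0.5) -> bool:
    """True when the early spike is out of proportion to later organic use.
    Assumed thresholds: peak at least 20x the later median and at least half
    of all downloads inside the burst window."""
    p = download_profile(daily, burst_days)
    return p["peak_to_baseline"] >= ratio_threshold and p["burst_share"] >= share_threshold


# ---- constructed sample series (60 days each, not real pypistats data) ----

# A burst of several hundred downloads in the first days, then a trickle.
INFLATED = [5, 400, 350, 120, 30, 10, 8] + [2, 3, 1, 2, 4, 2, 1] * 7 + [2, 3, 1, 2]

# Steady, slowly growing use with no early spike.
ORGANIC = [20 + (i % 5) + i // 10 for i in range(60)]


if __name__ == "__main__":
    for label, series in (("inflated", INFLATED), ("organic", ORGANIC)):
        prof = download_profile(series)
        print(f"{label}: peak={prof['peak']} on day {prof['peak_day']}, "
              f"baseline={prof['baseline_median']}, "
              f"burst_share={prof['burst_share']:.2f}, "
              f"inflated={looks_inflated(series)}")
```

A high all-time download count on its own says little; the shape of the series is what separates a package that people keep using from one whose number was pumped once and never recovered. Combine this with the release date and the maintainer's history on the index before trusting a package.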

In conclusion, the discovery of these malicious Python packages underscores the importance of vigilance when downloading software from third-party repositories. By remaining cautious and staying informed about potential risks, users can better protect themselves from falling victim to malware hidden within seemingly harmless applications.
