
Malicious PyPI package ‘aiocpa’ steals crypto wallet data


A sophisticated cyberattack targeting Python developers has been uncovered, involving a malicious package on the Python Package Index (PyPI) named ‘aiocpa’ designed to steal sensitive cryptocurrency data. The package, disguised as a legitimate crypto client tool, bypassed traditional security measures by embedding obfuscated info-stealer code in a recent update, exposing the growing challenges in securing software supply chains.

Researchers have uncovered that, unlike common PyPI attacks that employ typosquatting or impersonation tactics, the threat actors behind ‘aiocpa’ adopted a more insidious approach. They created and maintained a legitimate crypto client tool, aiming to gain user trust before introducing malicious code in a version update.

Cyber security experts identified the anomaly during routine threat monitoring on November 21, 2024. The malicious payload, buried in the ‘utils/sync.py’ file, was disguised using Base64 encoding and zlib compression layers.

“During the regular analysis of threats from open source packages, RL researchers often encounter malware using this type of code obfuscation, which includes several recursive layers of Base64 encoding and zlib compression,” researchers explained.

PyPI home page of the package. | Source: Reversing Labs

Upon deobfuscation, researchers uncovered a wrapper targeting the CryptoPay initialisation function. This wrapper exfiltrated sensitive crypto-related information — including tokens — to a remote Telegram bot, presenting significant risks to developers relying on the package.

“In this case, deobfuscation yielded a simple wrapper around the CryptoPay initialization function designed to exfiltrate all arguments to a remote Telegram bot. These arguments included sensitive information like tokens related to crypto trading, which can then be used to steal crypto assets,” researchers continued.
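The two findings above, the recursive Base64/zlib layering and the wrapper that ships its arguments to a Telegram bot, suggest a simple defender-side check. The scanner below is an added example, not code from the ReversingLabs analysis or from the aiocpa package: it peels nested Base64/zlib layers out of a module's source and flags indicator strings across every layer. The indicator list and the constructed sample file are assumptions for illustration.

```python
import base64
import re
import zlib

# A long run of Base64 alphabet characters inside a Python source file.
B64_LITERAL = re.compile(rb"[A-Za-z0-9+/]{40,}={0,2}")

# Illustrative indicators (assumed, not taken from the report): a crypto client
# module has no reason to exec() decoded blobs or talk to the Telegram Bot API.
SUSPICIOUS = (b"api.telegram.org", b"exec(", b"eval(", b"__import__")


def peel_layers(source: bytes, max_depth: int = 20) -> list:
    """Return [source, layer1, layer2, ...], unwrapping Base64(+zlib) layers."""
    layers = [source]
    while len(layers) <= max_depth:
        match = B64_LITERAL.search(layers[-1])
        if not match:
            break
        try:
            decoded = base64.b64decode(match.group(0), validate=True)
        except ValueError:  # binascii.Error is a ValueError subclass
            break
        try:
            decoded = zlib.decompress(decoded)
        except zlib.error:
            pass  # a layer may be Base64 only; keep the decoded bytes
        layers.append(decoded)
    return layers


def scan_module(source: bytes) -> dict:
    """Report layer count and indicators seen at any depth of the unwrapping."""
    layers = peel_layers(source)
    hits = sorted({i.decode() for layer in layers for i in SUSPICIOUS if i in layer})
    depth = len(layers) - 1
    return {"layers": depth, "indicators": hits, "suspicious": depth >= 2 or bool(hits)}


def build_sample(inner: bytes, layers: int) -> bytes:
    """Construct a test file in the nested exec(zlib(base64)) style for the scanner."""
    payload = inner
    for _ in range(layers):
        blob = base64.b64encode(zlib.compress(payload))
        payload = b"exec(zlib.decompress(base64.b64decode(b'" + blob + b"')))"
    return b"import base64, zlib\n" + payload + b"\n"
```

Run `scan_module()` over each `.py` file of an installed distribution rather than over the GitHub checkout, since the page notes the malicious code was absent from the repository.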

In a bold move to expand their reach, the attackers also attempted to seize control of another PyPI project named ‘pay,’ as evidenced by a takeover request on PyPI’s support GitHub in early September.

Malicious GitHub account details. | Source: Reversing Labs

This tactic highlights the growing sophistication of supply chain threats, underscoring the importance of safeguarding transitive dependencies in software projects.

The ‘aiocpa’ incident demonstrates the limitations of traditional security protocols. The package exhibited all the hallmarks of legitimacy:

  • A well-maintained project page with extensive documentation.
  • A maintainer profile with active GitHub contributions dating back to January 2024.
  • A robust download count exceeding 10,000 — indicative of developer trust.

The malicious code was absent from the GitHub repository, further complicating manual code reviews.

“The efforts taken by the threat actors to disguise their malicious creation meant that even reasonable efforts to assess the quality and integrity of the package in question would not be enough to identify the supply chain threat,” researchers concluded. “With the ever-growing sophistication of threat actors and the complexity of modern software supply chains, dedicated tools need to be incorporated into your development process to help prevent these threats and mitigate related risks.”

In October, security researchers discovered ten malicious packages on the PyPI repository that were decoding and managing data from multiple popular crypto wallets.


Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me
