ChatGPT, Claude Impersonators Ship JarkaStealer through Python Libraries

Nov 22, 2024 | Ravie Lakshmanan | Artificial Intelligence / Malware

Cybersecurity researchers have discovered two malicious packages uploaded to the Python Package Index (PyPI) repository that impersonated popular artificial intelligence (AI) models like OpenAI ChatGPT and Anthropic Claude to deliver an information stealer called JarkaStealer.

The packages, named gptplus and claudeai-eng, were uploaded by a user named “Xeroline” in November 2023, attracting 1,748 and 1,826 downloads, respectively. Both libraries are no longer available for download from PyPI.

“The malicious packages were uploaded to the repository by one author and, in fact, differed from each other only in name and description,” Kaspersky said in a post.

The packages purported to offer a way to access GPT-4 Turbo API and Claude AI API, but harbored malicious code that initiated the deployment of the malware upon installation.

Specifically, the “__init__.py” file in these packages contained Base64-encoded data that contained code to download a Java archive file (“JavaUpdater.jar”) from a GitHub repository (“github[.]com/imystorage/storage”). It also downloads the Java Runtime Environment (JRE) from a Dropbox URL if Java is not already installed on the host, before running the JAR file.
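A defender can look for this pattern statically, without importing or installing the package. The following is an added example, not code from Kaspersky or from this article: it parses an `__init__.py` with Python's `ast` module and flags long Base64 string literals whose decoded content looks like downloader code, along with decode-and-execute calls. The marker list, function names and sample inputs are constructed assumptions for illustration.

```python
import ast
import base64
import binascii
import re

# Heuristic markers for decoded content (assumed for this example, not from the report).
SUSPICIOUS = re.compile(r"https?://|urllib|requests|subprocess|os\.system|\.jar\b|exec\(", re.I)
B64_LITERAL = re.compile(r"^[A-Za-z0-9+/=\s]{40,}$")
RISKY_CALLS = {"exec", "eval", "b64decode", "system", "Popen"}


def try_decode(text):
    """Return decoded text if `text` is valid Base64 holding UTF-8, else None."""
    try:
        return base64.b64decode("".join(text.split()), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError, ValueError):
        return None


def scan_source(source, filename="__init__.py"):
    """Parse (never execute) one source string; return sorted (line, finding) tuples."""
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        if isinstance(node, ast.Constant) and isinstance(node.value, (str, bytes)):
            raw = node.value
            if isinstance(raw, bytes):
                raw = raw.decode("ascii", "ignore")
            decoded = try_decode(raw) if B64_LITERAL.match(raw) else None
            if decoded and SUSPICIOUS.search(decoded):
                findings.append((node.lineno, "base64 literal decodes to download/exec code"))
        elif isinstance(node, ast.Call):
            name = getattr(node.func, "id", None) or getattr(node.func, "attr", None)
            if name in RISKY_CALLS:
                findings.append((node.lineno, f"call to {name}()"))
    return sorted(findings)


# Constructed samples: the payload is inert text with a placeholder URL and is never run.
PAYLOAD = base64.b64encode(
    b"import urllib.request  # would fetch https://example.invalid/placeholder.jar").decode()
SAMPLE_BAD = f'import base64\n_d = "{PAYLOAD}"\nexec(base64.b64decode(_d))\n'
SAMPLE_OK = 'import json\n__version__ = "1.0.0"\n'

if __name__ == "__main__":
    for line, finding in scan_source(SAMPLE_BAD):
        print(f"__init__.py:{line}: {finding}")
```

A hit is a reason to review the file by hand before installing, not proof of malice; legitimate packages also embed Base64 data.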

The JAR file is a Java-based information stealer called JarkaStealer that can steal a wide range of sensitive information, including web browser data, system data, screenshots, and session tokens from various applications like Telegram, Discord, and Steam.

In the final step, the collected information is archived, transmitted to the attacker’s server, and then deleted from the victim’s machine. JarkaStealer has been found to be offered under a malware-as-a-service (MaaS) model via a Telegram channel for anywhere between $20 and $50, although its source code has been leaked on GitHub.

Statistics from ClickPy show that the packages were downloaded primarily by users located in the U.S., China, India, France, Germany, and Russia as part of the year-long supply chain attack campaign.

“This discovery underscores the persistent risks of software supply chain attacks and highlights the critical need for vigilance when integrating open-source components into development processes,” Kaspersky researcher Leonid Bezvershenko said.
