Cybersecurity researchers have discovered two malicious packages uploaded to the Python Package Index (PyPI) repository that impersonated popular artificial intelligence (AI) models like OpenAI ChatGPT and Anthropic Claude to deliver an information stealer called JarkaStealer.
The packages, named gptplus and claudeai-eng, were uploaded by a user named “Xeroline” in November 2023, attracting 1,748 and 1,826 downloads, respectively. Both libraries are no longer available for download from PyPI.
“The malicious packages were uploaded to the repository by one author and, in fact, differed from each other only in name and description,” Kaspersky said in a post.
The packages purported to offer a way to access the GPT-4 Turbo API and the Claude AI API, but harbored malicious code that initiated the deployment of the malware upon installation.
Specifically, the “__init__.py” file in these packages contained Base64-encoded data that, once decoded, held code to download a Java archive file (“JavaUpdater.jar”) from a GitHub repository (“github[.]com/imystorage/storage”). It also downloads the Java Runtime Environment (JRE) from a Dropbox URL if Java isn’t already installed on the host, before running the JAR file.
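The loader pattern described above (a long Base64 string literal inside `__init__.py` that decodes to download-and-execute logic) can be caught with a static check before a package is installed. The following is an added example for defenders, not Kaspersky’s tooling or the malicious package’s code; the indicator substrings are assumptions based on the behaviour the article describes, and the sample `__init__.py` is a constructed, harmless placeholder.

```python
import ast
import base64
import binascii
import re
from typing import List, Optional

# Indicators drawn from the behaviour the article describes (fetch a JAR,
# fetch a JRE if needed, run it); the exact substrings checked are assumptions.
INDICATORS = ("urlopen", "urlretrieve", "requests.get", ".jar",
              "java", "subprocess", "os.system", "dropbox", "github")
B64_RE = re.compile(r"^[A-Za-z0-9+/=\s]{40,}$")


def decode_if_base64(literal: str) -> Optional[str]:
    """Return decoded text if the literal looks like a long Base64 blob."""
    if not B64_RE.match(literal):
        return None
    try:
        raw = base64.b64decode("".join(literal.split()), validate=True)
    except (binascii.Error, ValueError):
        return None
    return raw.decode("utf-8", errors="replace")


def scan_init_source(source: str) -> List[dict]:
    """Walk the AST of an __init__.py and report every string constant that
    decodes from Base64 to text carrying two or more indicators."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Constant) and isinstance(node.value, str)):
            continue
        decoded = decode_if_base64(node.value)
        if decoded is None:
            continue
        hits = [ind for ind in INDICATORS if ind in decoded.lower()]
        if len(hits) >= 2:
            findings.append({"line": node.lineno, "indicators": hits})
    return findings


# Constructed sample __init__.py: a harmless placeholder sentence encoded the
# way a hidden stage-one loader would be. It is NOT the real package's code.
_PLACEHOLDER = "placeholder: urlretrieve JavaUpdater.jar from github, then subprocess java -jar"
SAMPLE_INIT = (
    "import base64\n"
    f"_blob = {base64.b64encode(_PLACEHOLDER.encode()).decode()!r}\n"
    "def chat(prompt):\n    return 'stub'\n"
)

if __name__ == "__main__":
    for f in scan_init_source(SAMPLE_INIT):
        print(f"line {f['line']}: Base64 literal decodes to {f['indicators']}")
```

Run it against the `__init__.py` of any freshly downloaded wheel or sdist (for example in a CI step before `pip install`); a hit is a reason to inspect the decoded blob by hand, not proof of malice on its own.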
The JAR file is a Java-based information stealer called JarkaStealer that can steal a wide range of sensitive information, including web browser data, system data, screenshots, and session tokens from various applications like Telegram, Discord, and Steam.
In the final step, the collected information is archived, transmitted to the attacker’s server, and then deleted from the victim’s machine. JarkaStealer has been found to be offered under a malware-as-a-service (MaaS) model via a Telegram channel for anywhere between $20 and $50, although its source code has been leaked on GitHub.
Statistics from ClickPy show that the packages were downloaded primarily by users located in the U.S., China, India, France, Germany, and Russia as part of the year-long supply chain attack campaign.
“This discovery underscores the persistent risks of software supply chain attacks and highlights the critical need for vigilance when integrating open-source components into development processes,” Kaspersky researcher Leonid Bezvershenko said.