Virus in PyPI code: Jarka stealer steals data from Telegram and Discord

The Jarka malware used PyPI for a global attack.

Kaspersky Lab experts discovered an attack on the software supply chain that lasted almost a year. Malicious packages disguised as tools for creating chatbots based on neural networks were distributed through the PyPI repository. Once installed, these packages infected devices with Jarka stealer, which was used to steal data.

Malicious packages appeared on the PyPI platform in November 2023 and were downloaded 1.7 thousand times by users from 30 countries before they were identified. The greatest interest in them was shown in the United States, China, France, Germany and Russia. The attack did not appear to have targeted specific regions or organizations.

The packages were disguised as wrappers for popular neural network chatbots, such as OpenAI's ChatGPT and Anthropic's Claude AI. They did provide access to the chatbots' functionality, but at the same time installed the Jarka stealer, which is written in Java. The malware is capable of stealing data from browsers, taking screenshots, collecting system information, intercepting session tokens from applications such as Telegram, Discord, and Steam, and manipulating browser processes to extract stored data.

Jarka was distributed through a Telegram channel using the MaaS (Malware as a Service) model, and the source code was uploaded to GitHub, making it available for download. Linguistic features in the code and advertising materials point to a Russian-speaking developer.

The malicious packages were removed after the platform was notified; however, the attack highlighted the risks associated with integrating open-source components. Experts emphasize the importance of checking the integrity of code at all stages of development to prevent such threats.

The stealer was distributed for a year through a legitimate software repository under the guise of tools for working with neural networks.

Experts from Kaspersky GReAT (Kaspersky Lab's Global Research and Analysis Team) discovered an attack on the software supply chain that lasted for almost a year. Through the Python Package Index (PyPI) software repository, attackers distributed malicious packages under the guise of tools for creating chatbots based on neural networks. In this way, users' devices were infected with the Jarka stealer.

Who was affected by the attack?

The malicious packages had been available on PyPI, a repository used by Python developers, since November 2023. Before they were discovered, they had been downloaded 1,700 times by users in 30 countries. According to PyPI statistics obtained from third-party monitoring services, the greatest interest in these tools was in the United States, China, France, Germany, and Russia. The attackers did not appear to be targeting any specific organization or region.

How the threat was identified

Kaspersky GReAT experts discovered the malicious packages using an internal automated system for monitoring open-source repositories. These packages were disguised as Python wrappers for two popular neural network-based chatbots: ChatGPT by OpenAI and Claude AI by Anthropic. They did provide access to the chatbot functionality, but at the same time installed the Jarka stealer on users' devices.

What can the malware do?

The Jarka stealer, written in Java, can steal data from various browsers, take screenshots, collect system information, and intercept session tokens from applications such as Telegram, Discord, Steam, and the Minecraft cheat client. The malware code also contains functionality for terminating browser processes such as Chrome and Edge, which allows it to access and steal saved data. The collected information was sent to the attackers' server as an archive and then deleted from the infected device.

Kaspersky GReAT experts found that the malware developer was selling and distributing it via a Telegram channel and a bot using the Malware-as-a-Service (MaaS) model. They also found that the Jarka source code was uploaded to GitHub, making it available for download to anyone.

Based on the language artifacts found in the malware code and ads in Telegram, we can say with a medium to high degree of certainty that the malware was created by a Russian-speaking attacker.

“The discovered campaign highlights the ongoing risks associated with supply chain attacks. It is critical to exercise caution when integrating open source components during the development process. We recommend that organizations implement strict code integrity checks at all stages of development to ensure the legitimacy and security of external software or external components. This is especially important when integrating new popular technologies, such as neural networks,” comments Leonid Bezvershenko, cybersecurity expert at Kaspersky GReAT.

Kaspersky Lab reported the malicious packages to PyPI, which has since removed them. The company continues to monitor activity related to Jarka and other suspicious uploads to open source platforms, including PyPI, to ensure the security of the software supply chain.

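Both articles above end with the same recommendation: verify the integrity of third-party components at every stage of development. The script below is an added example of what such a check looks like in practice for Python dependencies; it is not code from the post, from Kaspersky, or from the Jarka campaign. It reads a requirements file in pip's hash-pinned form (`name==version --hash=sha256:...`), computes the SHA-256 of each locally downloaded wheel or sdist, and reports any artifact whose digest does not match what was pinned, any pin that carries no hash at all, and any pinned package whose artifact is absent. The package names, file contents and hashes in the demo are constructed placeholders, not real PyPI projects.

```python
"""Verify downloaded Python distributions against a hash-pinned requirements file.

A dependency that is pinned only by version can silently become a different
artifact (a re-uploaded release, a look-alike package, a tampered mirror).
Pinning the SHA-256 of the exact file, as pip's --require-hashes mode does,
turns that into a detectable mismatch. This module re-implements that check
in plain Python so the logic is visible and can be run in CI or audits.
"""
import hashlib
import re
import tempfile
from pathlib import Path

# "name==version" at the start of a logical requirement line
PIN = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)==([^\s\\;]+)")
# pip's hash option; only sha256 is handled in this example
SHA256_OPT = re.compile(r"--hash=sha256:([0-9a-fA-F]{64})")


def normalize(name):
    """Normalize a project name so it matches wheel/sdist filenames (PEP 503 style)."""
    return re.sub(r"[-_.]+", "_", name).lower()


def _logical_lines(text):
    """Yield requirement lines with comments stripped and backslash continuations joined."""
    buf = ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip():
            yield buf.strip()
        buf = ""
    if buf.strip():
        yield buf.strip()


def parse_pins(text):
    """Map (normalized name, version) -> set of allowed lowercase sha256 digests."""
    pins = {}
    for line in _logical_lines(text):
        m = PIN.match(line)
        if not m:
            continue  # URLs, editable installs etc. are out of scope for this example
        pins[(normalize(m.group(1)), m.group(2))] = {h.lower() for h in SHA256_OPT.findall(line)}
    return pins


def sha256_of(path):
    """Stream a file through SHA-256 and return the hex digest."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def _matches(filename, name, version):
    """True if filename is a wheel or sdist for exactly this name and version."""
    f = filename.lower()
    for pfx in (f"{name}-{version}", f"{name.replace('_', '-')}-{version}"):
        if f.startswith(pfx) and len(f) > len(pfx) and f[len(pfx)] in "-.":
            return True
    return False


def verify_directory(dist_dir, requirements_text):
    """Return {(name, version): status} with status one of
    'ok', 'hash_mismatch', 'artifact_missing', 'no_hash_pinned'."""
    dist_dir = Path(dist_dir)
    results = {}
    for (name, version), allowed in parse_pins(requirements_text).items():
        if not allowed:
            results[(name, version)] = "no_hash_pinned"
            continue
        files = [p for p in dist_dir.iterdir() if p.is_file() and _matches(p.name, name, version)]
        if not files:
            results[(name, version)] = "artifact_missing"
        elif all(sha256_of(p) in allowed for p in files):
            results[(name, version)] = "ok"
        else:
            results[(name, version)] = "hash_mismatch"
    return results


def demo():
    """Constructed scenario: one intact artifact, one tampered, one missing, one unpinned."""
    with tempfile.TemporaryDirectory() as d:
        good = Path(d) / "example_chatbot_wrapper-1.0.0-py3-none-any.whl"   # constructed
        good.write_bytes(b"PK\x03\x04 constructed wheel contents")
        tampered = Path(d) / "example_claude_client-2.1.0.tar.gz"            # constructed
        tampered.write_bytes(b"\x1f\x8b constructed sdist, altered after pinning")
        reqs = "\n".join([
            "# constructed requirements.txt; hashes recorded from a trusted build",
            "example-chatbot-wrapper==1.0.0 \\",
            f"    --hash=sha256:{sha256_of(good)}",
            "example-claude-client==2.1.0 \\",
            "    --hash=sha256:" + "0" * 64,   # placeholder digest of the original sdist
            "example-missing-pkg==0.3.0 --hash=sha256:" + "1" * 64,
            "example-unpinned-pkg==4.0.0",
        ])
        return verify_directory(d, reqs)


if __name__ == "__main__":
    for (name, version), status in demo().items():
        print(f"{name}=={version}: {status}")
```

In a real pipeline the digests would come from a lock file generated on a trusted machine (for example `pip-compile --generate-hashes`), and `pip install --require-hashes` would enforce them at install time; the script above makes the same comparison explicit so that a mismatch, a missing artifact, or a dependency that was never hash-pinned can be flagged before anything is installed.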