10 Malicious Python Packages Exposed in Latest Repository Attack

Supply chain attacks, like the latest discovery in PyPI, insert malicious code into seemingly functional software packages used by developers. They are becoming more and more frequent. (Image: Getty Images)

Researchers have discovered another set of malicious packages in PyPI, the official and most popular repository for Python programs and code libraries. Those fooled by the seemingly familiar packages might be exposed to malware downloads or the theft of user credentials and passwords.

Check Point Research, which published its findings on Monday, wrote that it didn’t know how many people had downloaded the 10 packages, but it noted that PyPI has 613,000 active users and its code is used in over 390,000 projects. Installation from PyPI via the pip command is a fundamental step in starting or configuring many Python projects. Pepy, a site that tracks Python package downloads, suggests that most of the malicious packages have seen hundreds of downloads.

Such supply chain attacks are becoming increasingly common, especially against open source software repositories that support a wide swath of software around the world. Python’s repository is a frequent target, with researchers discovering malicious packages in September 2017; June, July and November 2021; and June of this year. But malicious packages have also been found in RubyGems in 2020, NPM in December 2021, and many other open source repositories.

Most notably, a closed-source supply chain attack by Russian hackers via the commercial software SolarWinds caused notable damage, resulting in the infection of more than 100 companies and at least nine US federal agencies, including the National Nuclear Security Administration, Internal Revenue Service, Department of State, and Department of Homeland Security.

The increasingly common discovery of fake, malicious packages is pushing repositories to take action. Just yesterday, GitHub, owner of the NPM repository for JavaScript packages, opened a request for comment on offering an opt-in system for package developers to sign and verify their packages. Using Sigstore, a collaboration between many open source and industry groups, NPM developers can sign packages, signaling that the code they contain matches their original repository.

Having a clear indication that the package you download is linked to the code you need might have helped people avoid the more recently discovered PyPI bad actors, but maybe not entirely. “Ascii2text” directly copied almost every aspect of the ASCII art library “art”, minus the version details. To its maybe close to 1,000 downloaders, its descriptive name might have suggested a more definite purpose than “art”.

Installing ascii2text triggered the download of a malicious script, which then searched the local storage of Opera, Chrome and other browsers for tokens, passwords or cookies, as well as some crypto wallets, and sent them to a Discord server.

The malicious script inside the deceptive ascii2text Python package, as discovered by Check Point Software.

Other packages discovered by Check Point targeted AWS and other credentials and environment variables. Here is the list of PyPI packages reported and since removed:

  • ascii2text
  • pyg-utils
  • pymocks
  • PyProto2
  • asynchronous-test
  • free-net-vpn
  • free-net-vpn2
  • zlibsrc
  • browserdiv
  • WINRPCexploit
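As an added example (not code from the article or from Check Point), the following Python check flags any of the ten reported names in a requirements file. It uses the same name normalization pip applies, so that casing and hyphen/underscore variants such as `PyProto2` or `asynchronous_test` are still matched. The sample requirements content is constructed for the demonstration.

```python
from __future__ import annotations
import re

# The ten package names reported by Check Point Research, as listed above.
REPORTED_MALICIOUS = [
    "ascii2text", "pyg-utils", "pymocks", "PyProto2", "asynchronous-test",
    "free-net-vpn", "free-net-vpn2", "zlibsrc", "browserdiv", "WINRPCexploit",
]

def normalize(name: str) -> str:
    """PEP 503 normalization: lowercase, and runs of '-', '_' and '.' become '-'.
    pip treats 'PyProto2', 'pyproto2' and 'Py_Proto2' as the same project."""
    return re.sub(r"[-_.]+", "-", name).lower()

_REQ_NAME = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")

def requirement_name(line: str) -> str | None:
    """Return the project name from one requirements.txt line, or None for
    comments, blank lines, pip options (-r, --index-url) and URL/path requirements."""
    line = line.split("#", 1)[0].strip()
    if not line or line.startswith("-") or "://" in line or line.startswith("."):
        return None
    m = _REQ_NAME.match(line)
    return m.group(1) if m else None

def find_reported(requirements_text: str) -> list[tuple[int, str]]:
    """Return (line number, name as written) for every requirement whose
    normalized name is one of the reported packages."""
    bad = {normalize(n) for n in REPORTED_MALICIOUS}
    hits = []
    for lineno, line in enumerate(requirements_text.splitlines(), start=1):
        name = requirement_name(line)
        if name and normalize(name) in bad:
            hits.append((lineno, name))
    return hits

# Constructed sample requirements file (not taken from the article).
SAMPLE_REQUIREMENTS = """\
requests==2.28.1
art>=5.7           # the legitimate ASCII-art library
ASCII2TEXT         # casing differs from the reported name; same project to pip
asynchronous_test==0.1 ; python_version >= "3.8"
-r base.txt
"""

if __name__ == "__main__":
    for lineno, name in find_reported(SAMPLE_REQUIREMENTS):
        print(f"line {lineno}: {name} matches a reported malicious package")
```

VCS and URL requirements are skipped rather than name-checked, so resolve those separately before trusting a clean result.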
