• JRaccoon@discuss.tchncs.de
    16 hours ago

    the malicious package was added to PyPi last year in June and has been downloaded 885 times so far.

    That’s a pretty long time to go undetected. Makes you wonder how many other similar packages there currently are, yet to be discovered, in PyPi, npm and others.

  • Pika
    12 hours ago

    This is becoming a recurring trait for PyPI; this should be a red flag to the maintainers of the repo site that something is wrong with their publishing process. Granted, NPM has the same issues, but this trait seems to have become more common on PyPI from what I’ve seen.

    Honestly, what they should implement is a community-based vetting process similar to a lot of art sites with their post tagging. Since most of these malicious packages are using the ideology that they want the user to accidentally install that one instead of the other, or that the package is an addon to a popular package, the implementation would be super simple. If the package name has at least 20% of another popular package’s name (decided by the amount of installs it had), it flags it for manual vetting by the community. It would go into a dedicated spot on the site called “potential packages” or “pending packages”, and if you are a known community member (have an established package already + not a new account) you can “ok” the package. Granted, more than one ok would be needed, but the ideology of this would be that commonly used tactics would be hindered or delayed by it.

    Using this as an example: Pycord is a known major Discord bot development library, and this malicious script takes advantage of that by calling itself pycord-self, which makes it seem like it’s a selfbot addition library for Pycord. Since the name contains more than 20% of the word “pycord”, this process would have flagged the malicious script for manual vetting before it was published, which would have potentially caught the malicious intent beforehand.

    This method forces malicious actors to either use a really weird name, that might catch the eye of the user ahead of time/give red flags, or just find another way to distribute the package. Legitimate packages will be slightly delayed, but they would eventually be vetted and told “yea that good”.

    Also note: I don’t mean that the package wouldn’t be available by direct name (pip install X), just that the name wouldn’t be available by searching the repo. If the project is installed via direct name and isn’t vetted yet, an alert should be displayed saying “this project is not yet vetted by the community, would you like to continue” or something similar.
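
A minimal sketch of the name check proposed in the comment above, as an added example that is not part of the thread or of PyPI's own tooling. It assumes "20% of the name" means the longest shared run of characters divided by the popular name's length; the package list and install counts are constructed.

```python
import re
from difflib import SequenceMatcher

# Constructed sample data: popular package -> install count (not real figures).
POPULAR = {"pycord": 500_000, "requests": 9_000_000, "numpy": 8_000_000}
THRESHOLD = 0.20  # the 20% figure from the comment above


def normalize(name: str) -> str:
    """PEP 503 name normalization: lowercase, runs of -, _ and . become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def overlap(candidate: str, popular: str) -> float:
    """Fraction of the popular name found as one contiguous run in candidate.

    Assumed interpretation of the rule: longest common substring length
    divided by the length of the popular package's name.
    """
    a, b = normalize(candidate), normalize(popular)
    matcher = SequenceMatcher(None, a, b, autojunk=False)
    match = matcher.find_longest_match(0, len(a), 0, len(b))
    return match.size / len(b)


def flag_for_vetting(candidate: str, popular=POPULAR, threshold=THRESHOLD):
    """Return [(popular_name, overlap)] for each popular package the candidate
    resembles, most-installed first. An empty list means no review is needed."""
    cand = normalize(candidate)
    hits = []
    for name in sorted(popular, key=popular.get, reverse=True):
        if normalize(name) == cand:
            continue  # the popular package itself, not a lookalike
        score = overlap(cand, name)
        if score >= threshold:
            hits.append((name, round(score, 2)))
    return hits


if __name__ == "__main__":
    for pkg in ("pycord-self", "flask"):
        print(pkg, "->", flag_for_vetting(pkg) or "publish without review")
```

Under this reading, `pycord-self` is flagged against `pycord` (the whole name is contained) and also against `numpy`, because the shared `py` is 40% of that name, so a bare 20% cutoff would queue many unrelated names for review.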