Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating developers' Amazon Web Services (AWS) credentials.

The package in question is "fabrice," which typosquats a popular Python library known as "fabric," which is designed to execute shell commands remotely over SSH.

While the legitimate package has over 202 million downloads, its malicious counterpart has been downloaded more than 37,100 times to date. As of writing, "fabrice" is still available for download from PyPI. It was first published in March 2021. 

The typosquatting package is designed to exploit the trust associated with "fabric," incorporating "payloads that steal credentials, create backdoors, and execute platform-specific scripts," security firm Socket said.

"Fabrice" is designed to carry out its malicious actions based on the operating system on which it's installed. On Linux machines, it uses a specific function to download, decode, and execute four different shell scripts from an external server ("89.44.9[.]227").

On systems running Windows, two different payloads – a Visual Basic Script ("p.vbs") and a Python script – are extracted and executed, with the former running a hidden Python script ("d.py") stored in the Downloads folder.

"This VBScript functions as a launcher, allowing the Python script to execute commands or initiate further payloads as designed by the attacker," security researchers Dhanesh Dodia, Sambarathi Sai, and Dwijay Chintakunta said.

The other Python script is designed to download a malicious executable from the same remote server, save it as "chrome.exe" in the Downloads folder, set up persistence using scheduled tasks to run the binary every 15 minutes, and finally delete the "d.py" file.

The end goal of the package, regardless of the operating system, appears to be credential theft, gathering AWS access and secret keys using the Boto3 AWS Software Development Kit (SDK) for Python and exfiltrating the information back to the server.

"By collecting AWS keys, the attacker gains access to potentially sensitive cloud resources," the researchers said. "The fabrice package represents a sophisticated typosquatting attack, crafted to impersonate the trusted fabric library and exploit unsuspecting developers by gaining unauthorized access to sensitive credentials on both Linux and Windows systems."

Update

The "fabrice" package is no longer available for download from the PyPI repository.