Cybersecurity researchers have uncovered a new threat lurking on the Python Package Index (PyPI) repository. A malicious package posing as a library associated with the Solana blockchain platform has been identified, with the primary objective of stealing sensitive data from unsuspecting victims.
Sonatype researcher Ax Sharma recently detailed in a report that an imposter package named “solana-py” was uploaded to PyPI, exploiting the naming discrepancy between the authentic Solana Python API project on GitHub (“solana-py”) and its name on PyPI (“solana”).
The fake “solana-py” package had been downloaded over 1,122 times since it was published on August 4, 2024. It has since been removed from PyPI.
What sets this fraudulent library apart is its use of version numbers identical to the legitimate “solana” package, namely versions 0.34.3, 0.34.4, and 0.34.5. By mimicking the legitimate package’s versioning, the threat actor attempted to lure users seeking the authentic “solana” package into downloading the malicious “solana-py” instead.
Moreover, the rogue package incorporates genuine code from the original library but adds code to its “__init__.py” script that discreetly extracts Solana blockchain wallet keys from the system.
These stolen credentials are then sent to a domain hosted by the threat actor (“treeprime-gen.hf[.]space”), highlighting the trend of malicious actors exploiting legitimate platforms for malevolent purposes.
The alarming aspect of this attack campaign lies in its supply chain implications. The investigation also found that legitimate libraries such as “solders” referenced “solana-py” in their PyPI documentation, potentially leading developers to install the malicious package from PyPI without realizing it, thereby widening the set of affected projects.
Sharma explained, “If a developer using the genuine ‘solders’ PyPI package is deceived by solders’ documentation into falling for the typosquatted ‘solana-py’ project, a crypto stealer would be introduced into their application, compromising both their own secrets and those of their users.”
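As an added defensive illustration (not code from Sonatype, the report, or the Solana project), the script below screens a PyPI package's metadata against the project it resembles for the three signals described above: a name that is the legitimate name plus an affix, a version set copied from the original, and a first upload long after the original's. The metadata dicts are constructed by hand in the shape of PyPI's JSON API (https://pypi.org/pypi/<name>/json); nothing is fetched, and the dates are illustrative.

```python
"""Heuristic screen for look-alike PyPI packages, modelled on the solana / solana-py case."""
import re
from datetime import datetime


def normalize(name: str) -> str:
    """PEP 503 normalisation, so 'Solana_Py' and 'solana-py' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def first_upload(meta: dict):
    """Earliest upload time across every release file, or None if there are no files."""
    times = [f["upload_time_iso_8601"] for files in meta["releases"].values() for f in files]
    if not times:
        return None
    return min(datetime.fromisoformat(t.replace("Z", "+00:00")) for t in times)


def screen(candidate: dict, reference: dict) -> list:
    """Return the reasons `candidate` looks like an imposter of `reference` (empty if none)."""
    cand, ref = normalize(candidate["info"]["name"]), normalize(reference["info"]["name"])
    if cand == ref:
        return []  # same project, nothing to compare
    findings = []
    # 1. Name is the reference name plus a short affix ("solana" -> "solana-py").
    if cand.startswith(ref + "-") or cand.endswith("-" + ref):
        findings.append(f"name {cand!r} is {ref!r} with an affix")
    # 2. Every version the candidate publishes already exists in the reference project.
    cand_versions, ref_versions = set(candidate["releases"]), set(reference["releases"])
    if cand_versions and cand_versions <= ref_versions:
        findings.append(f"versions {sorted(cand_versions)} all exist in {ref!r}")
    # 3. Only meaningful together with 1 or 2: a look-alike that appeared long after the original.
    c0, r0 = first_upload(candidate), first_upload(reference)
    if findings and c0 and r0 and (c0 - r0).days > 365:
        findings.append(f"first upload {c0.date()} is {(c0 - r0).days} days after {ref!r}")
    return findings


def _proj(name, versions, when):
    """Constructed metadata in the shape of https://pypi.org/pypi/<name>/json."""
    return {"info": {"name": name},
            "releases": {v: [{"upload_time_iso_8601": when}] for v in versions}}


# Constructed samples: the three shared versions are the ones named in the report; dates are illustrative.
GENUINE = _proj("solana", ["0.30.0", "0.34.3", "0.34.4", "0.34.5"], "2022-01-15T00:00:00Z")
IMPOSTER = _proj("solana-py", ["0.34.3", "0.34.4", "0.34.5"], "2024-08-04T00:00:00Z")
UNRELATED = _proj("solders", ["0.21.0"], "2024-07-01T00:00:00Z")

if __name__ == "__main__":
    for pkg in (IMPOSTER, UNRELATED):
        print(pkg["info"]["name"], "->", screen(pkg, GENUINE) or "no findings")
```

The age signal is deliberately gated on the name or version signal firing, since a young package on its own is not suspicious.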

This revelation coincides with Phylum’s discovery of numerous spam npm packages on the registry exhibiting signs of Tea protocol abuse, an ongoing campaign initially exposed in April 2024.
“The Tea protocol project is taking steps to mitigate this issue,” stated the supply chain security firm, emphasizing the importance of tackling such deception to protect the integrity of legitimate participants in the Tea protocol.