Table of Contents
November 23, 2024
|3m
JarkaStealer Malware Discovered in Fake AI Integration Packages on PyPI Repository
Cybersecurity researchers from Kaspersky's GReAT have uncovered a sophisticated supply chain attack involving two malicious Python packages that masquerade as AI integration tools while delivering the JarkaStealer malware.
The malicious packages, named "gptplus" and "claudeai-eng," were hosted on the Python Package Index repository for over a year and amassed more than 1,700 downloads across 30+ countries. The packages claimed to provide API access to OpenAI's GPT-4 Turbo and Anthropic's Claude AI respectively.
"The packages implemented a deceptive mechanism that interfaced with a ChatGPT demo proxy to create the illusion of legitimate functionality," the researchers explained in their analysis. "However, their primary purpose was to serve as a delivery vehicle for the JarkaStealer malware."
The infection chain begins when the packages' init.py file decodes embedded data to download a JavaUpdater.jar file from GitHub. If Java Runtime Environment (JRE) is not present on the victim's system, the malware automatically fetches and installs it from Dropbox before executing the JAR file containing JarkaStealer.
JarkaStealer, believed to be developed by Russian-speaking threat actors, is distributed through Telegram as malware-as-a-service (MaaS). Its capabilities include:
Browser data theft
Screen capture functionality
System information collection
Session token extraction from applications like Telegram, Discord, and Steam
Browser process termination for accessing stored credentials The researchers noted that while JarkaStealer is
typically sold as a service, its source code was also found on GitHub, suggesting this campaign may not involve the malware's original authors.
"Developers should exercise extreme caution when working with open source packages, particularly those related to trending technologies like AI integration," the researchers warned. "Red flags in this case included both packages being published from a newly created account just days after registration."
The malicious packages have since been removed from PyPI following Kaspersky's disclosure to repository administrators. Users who downloaded either package are advised to:
Immediately remove the malicious packages
Change or reissue all passwords and session tokens used on affected systems
Implement thorough vetting processes for third-party dependencies
Consider using security tools designed for monitoring open source components
The discovery highlights the growing trend of threat actors exploiting the popularity of AI-related tools and services to distribute malware through trusted software repositories.
Visit our website to get cybersecurity updates like this, thesecmaster.com, and our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium, and Instagram and subscribe to receive tips like this.
You may also like these articles:
Anthony Denis
Anthony Denis a Security News Reporter with a Bachelor's in Business Computer Application. Drawing from a decade of digital media marketing experience and two years of freelance writing, he brings technical expertise to cybersecurity journalism. His background in IT, content creation, and social media management enables him to deliver complex security topics with clarity and insight.
