Security Experts:

Connect with us

Hi, what are you looking for?



Malicious PyPI Module Poses as SentinelOne SDK

Security researchers with ReversingLabs warn of a new supply chain attack using a malicious PyPI module that poses as a software development kit (SDK) from the cybersecurity firm SentinelOne.

Security researchers with ReversingLabs warn of a new supply chain attack using a malicious PyPI module that poses as a software development kit (SDK) from the cybersecurity firm SentinelOne.

The Python package was first uploaded on December 11 and received roughly 20 updates within the next two days. The module is completely unrelated to the legitimate threat detection firm, but abuses its brand reputation to attract unsuspecting victims.

Seemingly a fully-functional SentinelOne client – the malicious SDK appears built on top of legitimate SentinelOne code – the package contains backdoor code meant for data theft.

“This PyPI package is intended to serve as an SDK to abstract the access to SentinelOne’s APIs and make programmatic consumption of the APIs simpler,” ReversingLabs, which calls the attack ‘SentinelSneak’, notes.

The malicious package contains two files that engage in suspicious behavior such as enumerating files in a directory, executing a file, deleting a file/directory, and spawning a new process.

An analysis of the updates that the package received over the course of two days showed that only files were modified. These are the only package modules to contain the malicious code.

The backdoor was designed to exfiltrate data specific to development environments, such as shell command execution history and the contents of the SSH folder, which stores SSH keys and configuration information, including login credentials for Git, Kubernetes, and AWS services.

The malware also lists folders in the root directory and sends all collected data to the command-and-control (C&C) server.

The modifications made to the package show that the attackers attempted to adapt to targets by fine-tuning the backdoor to better work on multiple operating systems.

ReversingLabs says it observed five additional packages with similar naming variations, but those did not contain files with malicious functionality. These packages were seen prior to December 11 and were likely meant for testing purposes.

“The malicious code appears designed to siphon sensitive information from development environments. Based on our analysis of the malware and the associated C&C infrastructure, it is unclear if this package was or is being used in active attacks against development environments, due to a lack of evidence found. The download stats suggest that the package has been downloaded more than 1,000 times,” ReversingLabs warns.

Related: Python, JavaScript Developers Targeted With Fake Packages Delivering Ransomware

Related: Security Firms Find Over 20 Malicious PyPI Packages Designed for Data Theft

Related: New OpenSSF Project Hunts for Malicious Packages in Open Source Repositories

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...