Malicious PyPI Module Poses as SentinelOne SDK

Security researchers with ReversingLabs warn of a new supply chain attack using a malicious PyPI module that poses as a software development kit (SDK) from the cybersecurity firm SentinelOne.

The Python package was first uploaded on December 11 and received roughly 20 updates within the next two days. The module is completely unrelated to the legitimate threat detection firm, but abuses its brand reputation to attract unsuspecting victims.

Seemingly a fully-functional SentinelOne client – the malicious SDK appears built on top of legitimate SentinelOne code – the package contains backdoor code meant for data theft.

“This PyPI package is intended to serve as an SDK to abstract the access to SentinelOne’s APIs and make programmatic consumption of the APIs simpler,” ReversingLabs, which calls the attack ‘SentinelSneak’, notes.

The malicious package contains two api.py files that engage in suspicious behavior such as enumerating files in a directory, executing a file, deleting a file/directory, and spawning a new process.

An analysis of the updates that the package received over the course of two days showed that only api.py files were modified. These are the only package modules to contain the malicious code.

The backdoor was designed to exfiltrate data specific to development environments, such as shell command execution history and the contents of the SSH folder, which stores SSH keys and configuration information, including login credentials for Git, Kubernetes, and AWS services.

The malware also lists folders in the root directory and sends all collected data to the command-and-control (C&C) server.

The modifications made to the package show that the attackers attempted to adapt to targets by fine-tuning the backdoor to better work on multiple operating systems.

ReversingLabs says it observed five additional packages with similar naming variations, but those did not contain api.py files with malicious functionality. These packages were seen prior to December 11 and were likely meant for testing purposes.

“The malicious code appears designed to siphon sensitive information from development environments. Based on our analysis of the malware and the associated C&C infrastructure, it is unclear if this package was or is being used in active attacks against development environments, due to a lack of evidence found. The download stats suggest that the package has been downloaded more than 1,000 times,” ReversingLabs warns.

Related: Python, JavaScript Developers Targeted With Fake Packages Delivering Ransomware

Related: Security Firms Find Over 20 Malicious PyPI Packages Designed for Data Theft

Related: New OpenSSF Project Hunts for Malicious Packages in Open Source Repositories