Researchers Find Python-Based Ransomware Targeting Jupyter Notebook Web Apps

Researchers warn of likely future ransomware attacks against web applications used by data scientists

Researchers have found what they believe to be the first Python-based ransomware sample specifically targeting Jupyter Notebooks.

Python is not commonly used for developing malware, with criminals preferring languages like Go, DLang, Nim and Rust. Nevertheless, this is not the first Python ransomware. In October 2021, Sophos reported on a Python ransomware specifically targeting VMware ESXi servers.

The new sample was discovered by researchers at Aqua Security, after it was caught in one of its honeypots. The ransomware specifically targets Jupyter Notebooks, an open-source web app used by data professionals to work with data, write and execute code, and visualize the results. This ransomware encrypts every file on a given path on the server, and then deletes itself after execution.

“Since Jupyter Notebooks are used to analyze data and build data models, this attack can lead to significant damage to organizations if these environments aren’t properly backed up,” warn the researchers in an alert issued on March 29, 2022.

Since Jupyter Notebooks are web apps, they suffer from all the standard web app issues, including misconfigured or missing access authentication. The Aqua Security researchers found around 200 internet-facing Jupyter Notebooks (some but not all may be honeypots) with no authentication. Each one of these could be accessed by an attacker with nothing more than a browser, and the environment could be infected manually.

Aqua researcher Assaf Morag told SecurityWeek, “There are more than 11,000 servers with Jupyter Notebooks that are internet-facing, so you can run a brute force attack and possibly gain access to some of them – you would be surprised how easy it can be to guess these passwords.”

The sample trapped by Aqua is not a complete sample. It does not, for example, include evidence of a ransom note. “We suspect,” Morag told SecurityWeek, “that the attack either reached a timeout on the honeypot, or that the ransomware is still being tested prior to real world attacks.”

Nevertheless, the researchers believe from what they have that this is ransomware rather than a wiper weapon. “Wipers usually exfiltrate the data and wipe it or just wipe it,” continued Morag. “We haven’t seen any attempt to send the data outside the server and the data wasn’t just wiped, it was encrypted with a password (manually chosen by the attacker). This is another factor that leads us to believe that this is a ransomware attack rather than a wiper.”

He also suspects – because of a resemblance to other Python ransomware – that the attacker simply took existing code, and tweaked and adjusted it to his own needs. He does not have any information that could attribute the ransomware to any known group. However, he comments, “The first thing the attacker did to understand that he can download files from a remote source was to download a text file that contains solely the word ‘blat’. This is a naughty word in Russian and something that we have seen in the past by Russian attackers.”

There is a strong likelihood that this partial ransomware attack detected by Aqua is the forerunner of real-life attacks against Jupyter Notebooks. Since a built-in feature of the application allows the user to open a shell terminal with further access to the server, the potential for harm is considerable.

Aqua recommends that access to Jupyter Networks be properly authenticated; inbound traffic be controlled by eliminating internet access or limiting it to VPN access; use be constrained to non-privileged or limited privilege users; and outbound traffic be controlled as fully as possible.

Aqua Security provides a cloud native application protection platform (CNAPP). It was founded in 2015, and achieved unicorn status in 2021.

Related: Necro Python Botnet Starts Targeting Visual Tools DVRs

Related: Facebook Open Sources Analysis Tool for Python Code

Related: Python-Written CannibalRAT Used in Targeted Attacks

Related: Despite Warnings, Cloud Misconfiguration Problem Remains Disturbing