GoKawiilAn attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets.
The dangerous release is 0.23.3, and it extended to the Docker image due to the package's workflow that creates the image from the code and uploads it to a container registry for deployment.
Community member crisperik spotted the malicious upload and opened an issue on the project’s GitHub on Saturday, alerting the maintainer and decreasing the exposure window.
A clean replacement, elementary-data 0.23.4, was pushed to users. However, users who downloaded the malicious variant remained compromised.
The elementary-data package is an open-source data observability tool for dbt, primarily used by data/analytics engineers working with data pipelines. It is a popular tool in the dbt (Data Build Tool) ecosystem, with more than 1.1 million monthly downloads on PyPI.
According to an analysis of the incident published by StepSecurity researchers, the attacker exploited a flaw in the project’s workflow, rather than compromising the maintainers’ accounts, as is more common with rogue updates.
The attacker posted a malicious comment on a pull request that exploited a GitHub Actions script injection flaw, causing the workflow to execute attacker-controlled shell code.
This exposed the workflow’s GITHUB_TOKEN, which was then used to forge a signed commit and tag (v0.23.3) and trigger the project’s legitimate release pipeline.
The pipeline built and published the backdoored package to PyPI as well as a malicious image to GitHub Container Registry, making it appear as an official release.
The malicious release on PyPI
... continue reading