Cybersecurity researchers have discovered three packages in the Python Package Index (PyPI) repository designed to covertly deliver a previously unknown malware family called ZiChatBot to Windows and Linux systems.
“While these wheel packages implement the functionality described on the PyPI web page, their true purpose is to covertly deliver malicious files,” Kaspersky said. “Unlike traditional malware, ZiChatBot does not communicate with a dedicated command and control (C2) server, but instead uses the public team chat app Zulip’s set of REST APIs as its C2 infrastructure.”
The activity has been described by the Russian cybersecurity firm as a “carefully planned and executed PyPI supply chain attack.” The names of packages that have since been removed are listed below.
uuid32-utils (1,479 downloads) colorinal (614 downloads) termncolor (387 downloads)
All three packages were uploaded to PyPI during a short period of time from July 16th to 22nd, 2025. uuid32-utils and colorinal utilize similar malicious payloads, but termncolor is a benign-looking package that lists colorinal as a dependency.
On Windows systems, when one of the first two packages is installed, the malicious code extracts a DLL dropper (‘terminate.dll’) and writes it to disk. When the library is imported into your project, the DLL is loaded and acts as a dropper for ZiChatBot. It then establishes an autorun entry in the Windows registry and executes code that removes itself from the host.
The Linux version of the shared object dropper (‘terminate.so’) plants malware in the ‘/tmp/obsHub/obs-check-update’ path and configures the crontab entry. Regardless of the operating system it is running on, ZiChatBot is designed to execute shellcode received from the C2 server. After executing the command, the malware sends a heart emoji in response to inform the server that the operation was successful.
It’s not exactly clear who is behind this campaign. However, Kaspersky said the dropper shares “64% similarity” with another dropper used by a Vietnamese hacker group named OceanLotus (also known as APT32).
In late 2024, threat actors were observed targeting the Chinese cybersecurity community using poisoned Visual Studio Code projects disguised as the Cobalt Strike plugin and delivering a Trojan that was automatically executed when the project was compiled. According to ThreatBook analysis, the malware uses the Notion note-taking service as its C2.
Kaspersky noted that if the PyPI supply chain campaign is indeed the work of OceanLotus, it represents the threat actor’s strategy to expand its targeting reach.
“While phishing emails remain a common initial infection method for OceanLotus, the group is also actively exploring new ways to compromise victims through a variety of supply chain attacks,” the group said.
Source link
