GitHub Token Disclosure Reveals Python’s Core Repositories Susceptible to Potential Attacks
Researchers in the cybersecurity field have reported an inadvertent leakage of a GitHub access token, potentially exposing the core repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF) repositories to security risks.
Unveiled by JFrog, the GitHub Personal Access Token was unintentionally divulged within a public Docker container hosted on Docker Hub.
“The significance of this incident cannot be overstated as the implications of malicious individuals obtaining this token could have been severe – allowing for potential injection of harmful code into PyPI packages (such as replacing legitimate packages with malicious ones) and even affecting the integrity of the Python language itself,” as indicated by the software company specializing in supply chain security stated.
An unauthorized entity could have theoretically taken advantage of their administrative privileges to orchestrate a widespread supply chain attack by tampering with the source code associated with the core components of the Python programming language or the PyPI package manager.
JFrog highlighted that the authentication token was enclosed within a Docker container, specifically in a compiled Python file (“build.cpython-311.pyc”) that was mistakenly left unremoved.
Upon responsibly disclosing this incident on June 28, 2024, the token, which was associated with the GitHub account of PyPI Admin Ee Durbin, was promptly invalidated. There is no indication that this secret was utilized for malicious activities.
PyPI affirmed that the token was generated before March 3, 2023, and pinpointing the exact issuance date is challenging due to the absence of security logs beyond a 90-day period.
“During the development of cabotage-app5 on my local machine and handling the build section of the codebase, I kept encountering GitHub API rate restrictions,” Durbin shared.
“These limits were applicable to anonymous access. Although the production environment is set up as a GitHub App, I opted to include my personal access token in my local files due to laziness instead of configuring a GitHub App for local testing. These adjustments were never intended to be shared remotely.”
This revelation coincides with Checkmarx’s discovery of a series of harmful packages on PyPI designed to extract confidential data to a Telegram bot without the users’ consent or awareness.
These packages, namely testbrojct2, proxyfullscraper, proxyalhttp, and proxyfullscrapers, are designed to scan the compromised system for files with extensions such as .py, .php, .zip, .png, .jpg, and .jpeg.
“The Telegram bot is associated with numerous cybercriminal activities rooted in Iraq,” highlighted Checkmarx researcher Yehuda Gelb noted, mentioning that the bot’s history of messages dates back to 2022.
“Furthermore, the bot operates as an underground marketplace offering services related to manipulating social media. It has been involved in financial fraud and exploits individuals by extracting their data.”
About Author
