Guavy AI Editorial Team

PyPI Malware Compromises Over 3 Million Users Daily with Sensitive Information Theft


A recent security incident has compromised LiteLLM versions 1.82.7 and 1.82.8 on PyPI, affecting over 3 million users daily.

The malicious code, identified as an infostealer, targets a wide range of sensitive information, including cloud credentials for AWS, GCP, and Azure, SSH keys, cryptocurrency wallets, and Slack/Discord API keys.

The malware searches for and extracts passwords, SSH keys, private keys, AWS credentials, Kubernetes secrets, and Google Cloud credentials on the victim's machine. It also reads user configuration files such as npmrc, mongorc, LDAP, redis, mysql, postgres, and postfix.

Moreover, it searches for cryptocurrency configurations for currencies such as Bitcoin, Litecoin, Ethereum, Solana, Cardano, Zcash, Dashcore, Ripple, and Monero. After collecting the information, the malware encrypts the data with a hardcoded key using openssl and sends it to a remote C2 server.

Ox Security notes that its customers were not affected by the malicious LiteLLM package and recommends immediate actions such as rotating session tokens and API keys, pinning dependencies to specific versions, and removing unused credentials.
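As an added example (not code from the article or from Ox Security), the following script audits a requirements file or `pip freeze` output for the two LiteLLM versions named above and flags any LiteLLM requirement that is not pinned with `==`, since an unpinned specifier could resolve to a compromised release. The affected-version set is taken from the article; the sample requirements are constructed.

```python
import re

# Affected versions as named in the article; extend this map as advisories update.
AFFECTED = {"litellm": {"1.82.7", "1.82.8"}}

# name, optional extras ([proxy]), optional operator, version; stops before markers/comments.
_REQ_RE = re.compile(
    r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)(?:\[[^\]]*\])?\s*"
    r"(==|>=|<=|~=|!=|>|<)?\s*([^\s;#]*)"
)


def normalize(name):
    """PEP 503 normalisation so 'LiteLLM', 'lite_llm' and 'litellm' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def audit_requirements(text):
    """Return (package, version, status) for every requirement of a watched package.

    status is 'affected' (pinned to a compromised release), 'unpinned'
    (no '==' pin, so resolution could pick a bad release) or 'pinned'.
    """
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line or line.startswith("-"):     # skip blanks and -r/-e options
            continue
        m = _REQ_RE.match(line)
        if not m:
            continue
        name, op, ver = m.groups()
        key = normalize(name)
        if key not in AFFECTED:
            continue
        if op == "==" and ver in AFFECTED[key]:
            findings.append((key, ver, "affected"))
        elif op != "==":
            findings.append((key, ver or "", "unpinned"))
        else:
            findings.append((key, ver, "pinned"))
    return findings


# Constructed sample input; the third line is a placeholder package, not a real one.
SAMPLE_REQUIREMENTS = """# constructed sample requirements.txt
litellm==1.82.7
LiteLLM[proxy]
example-pkg==0.0.0  # placeholder
"""

if __name__ == "__main__":
    for pkg, ver, status in audit_requirements(SAMPLE_REQUIREMENTS):
        print(f"{status:>9}: {pkg} {ver or '(no version)'}")
```

Any `affected` hit means the host should be treated as compromised and every credential the article lists should be rotated, not merely the package upgraded.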