December 20, 2022

An unknown threat actor created a malicious Python package on PyPI that appears to be a software development kit (SDK) for a well-known SentinelOne security client but steals data from developers in the latest supply chain attack.

The Python package was initially uploaded on December 11 and received approximately 20 updates over the next two days. The module has nothing to do with the legitimate threat detection firm, but it takes advantage of its brand reputation to attract unsuspecting victims.

The package contains backdoor code meant for data theft from development systems, including credentials, configuration data, and SSH keys. It appears to be a fully-functional SentinelOne client – the malicious SDK appears to be built on top of legitimate SentinelOne code. The package is part of a malicious campaign dubbed “SentinelSneak” by ReversingLabs.

The phoney ‘SentinelOne’ package includes “api.py” files containing malicious code that steals and uploads data to an IP address (54.254.189.27) that does not belong to SentinelOne’s infrastructure.

Five additional malicious packages with similar names were published by threat actors; these modules did not contain api.py files with malicious functionality, implying they were used for testing purposes. The malicious versions of the package had been downloaded over 1,000 times on PyPI, according to the experts.

The sources for this piece include an article in BleepingComputer.