Malicious PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux
What Happened — Researchers identified three Python Package Index (PyPI) wheel packages that masquerade as legitimate utilities but silently drop the new ZiChatBot malware on both Windows and Linux hosts. The payload leverages Zulip chat‑API calls to exfiltrate data and establish persistence.
Why It Matters for TPRM —
- Supply‑chain compromise of a public code repository can affect any downstream vendor that incorporates third‑party packages.
- Malware targets development and operations environments, potentially exposing source code, credentials, and internal communications.
- Early detection is difficult; reliance on package‑manager trust models may give a false sense of security.
Who Is Affected — SaaS providers, cloud‑native developers, DevOps teams, and any organization that integrates Python packages from PyPI, especially those using Zulip or similar chat‑API services.
Recommended Actions —
- Audit all Python dependencies for unauthorized or newly added packages.
- Enforce strict SBOM (Software Bill of Materials) validation and signed package verification.
- Deploy endpoint detection that monitors unusual network calls to Zulip endpoints.
- Review vendor contracts for clauses on third‑party component security and supply‑chain risk.
Technical Notes — The malicious wheels embed a dropped executable that contacts Zulip’s API to retrieve channel data and send it to attacker C2 servers. No CVE is associated; the attack exploits trust in PyPI’s open‑source distribution model. Data types at risk include chat logs, API tokens, and potentially source code. Source: The Hacker News