The article describes a sophisticated supply chain attack against the Python Package Index (PyPI) repository: seven malicious packages spread while posing as legitimate software and used Google's SMTP service to establish a covert communication channel for remote control and data theft. The packages were downloaded more than 55,000 times in total and posed a serious threat before they were removed. 2025-5-2 08:38:24 Author: cybersecuritynews.com

7 Malicious Packages Abuse Gmail's SMTP Protocol

A sophisticated software supply chain attack has been uncovered that uses Python Package Index (PyPI) packages to deploy malware, with Google’s SMTP infrastructure serving as the command-and-control mechanism.

The campaign involved seven malicious packages – Coffin-Codes-Pro, Coffin-Codes-NET2, Coffin-Codes-NET, Coffin-Codes-2022, Coffin2022, Coffin-Grave, and cfc-bsb – which collectively amassed over 55,000 downloads before being removed. 

Sophisticated Tunneling Technique

The malicious packages operate by establishing an SMTP connection to Gmail’s servers using hardcoded credentials, then creating a bidirectional tunnel that allows remote attackers to execute commands and exfiltrate data. 


This technique is particularly insidious because SMTP traffic is commonly considered legitimate by firewalls and endpoint detection systems.

The primary package, Coffin-Codes-Pro, illustrates the following attack method.

After establishing the initial connection, the malware creates a WebSocket connection that serves as the command and control channel:

According to package release dates on PyPI, the threat actor has been developing this malware for at least three years.

The oldest package, cfc-bsb, released in March 2021, lacks email exfiltration capabilities but still implements suspicious WebSocket-based HTTP tunneling similar to Ngrok.

Later versions refine the technique, consistently using Gmail’s SMTP server on port 465 and varying only in the account credentials used for authentication. 

The packages consistently communicate with the same recipient address: [email protected].

These packages pose significant risks, potentially enabling attackers to:

  • Access internal dashboards, APIs, and admin panels.
  • Transfer files and execute shell commands.
  • Harvest credentials and sensitive information.
  • Establish persistence for further network penetration.

“Previously, threat actors used this tactic to siphon private keys to Solana,” notes Socket’s report shared with Cyber Security News.

“The attacker could access internal dashboards, APIs, or admin panels that are only accessible to the victim.” The reference to “blockchain” in the communication channels suggests cryptocurrency theft may be a primary motivation.

Security experts recommend:

  • Monitoring for unusual outbound connections, especially SMTP traffic.
  • Verifying package authenticity through download counts and publisher history.
  • Conducting regular dependency audits.
  • Implementing strict access controls for sensitive resources.
  • Using isolated environments for testing third-party code.
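A practical form of the dependency audit recommended above, tied to the tunnelling pattern the article describes (Gmail SMTP on port 465, hardcoded login credentials, WebSocket tunnel): the triage script below is an added example, not code from the article or from Socket. It walks a Python source file's AST and flags the combination of those indicators; the indicator heuristics are my own, and the two sample sources are constructed with placeholder values rather than taken from the real packages.

```python
import ast

WEBSOCKET_MODULES = {"websocket", "websockets"}

# Constructed samples, not code from the real packages: the first shows the
# pattern the article describes, the second is a legitimate mailer that
# reads its secrets from the environment.
SAMPLE_SUSPICIOUS = '''
import smtplib, websocket
srv = smtplib.SMTP_SSL("smtp.gmail.com", 465)
srv.login("placeholder-user@example.invalid", "placeholder-password")
'''
SAMPLE_BENIGN = '''
import os, smtplib
srv = smtplib.SMTP_SSL("smtp.gmail.com", 465)
srv.login(os.environ["SMTP_USER"], os.environ["SMTP_PASS"])
'''


def _consts(nodes):
    """Literal values (strings, ints) among the given AST nodes."""
    return [n.value for n in nodes if isinstance(n, ast.Constant)]


def triage_source(src: str) -> dict:
    """Report which of the three indicators one Python source contains."""
    found = {"gmail_smtp": False, "hardcoded_login": False, "websocket": False}
    for node in ast.walk(ast.parse(src)):
        mods = []
        if isinstance(node, ast.Import):
            mods = [a.name.split(".")[0] for a in node.names]
        elif isinstance(node, ast.ImportFrom):
            mods = [(node.module or "").split(".")[0]]
        elif isinstance(node, ast.Call):
            fn = node.func
            name = fn.attr if isinstance(fn, ast.Attribute) else getattr(fn, "id", "")
            args = _consts(node.args + [k.value for k in node.keywords])
            if name in ("SMTP", "SMTP_SSL") and ("smtp.gmail.com" in args or 465 in args):
                found["gmail_smtp"] = True
            # both username and password passed as string literals
            if name == "login" and sum(isinstance(c, str) for c in _consts(node.args)) >= 2:
                found["hardcoded_login"] = True
        if WEBSOCKET_MODULES & set(mods):
            found["websocket"] = True
    # Gmail SMTP plus baked-in credentials is the core of the pattern; a
    # WebSocket import on top of it matches the tunnel described above.
    found["suspicious"] = found["gmail_smtp"] and found["hardcoded_login"]
    return found
```

Run `triage_source` over every `.py` file under a site-packages directory (for example with `pathlib.Path(root).rglob("*.py")`, skipping files that raise `SyntaxError`) to review third-party code before it is allowed into a project.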

These findings highlight a growing trend of supply chain attacks targeting package repositories. 

The Socket GitHub app, CLI, and browser extension can provide protection by scanning dependencies for malicious or typosquatted packages before they enter your project.

All seven packages have been removed from PyPI, but the technique represents an evolving threat that security teams should monitor closely as it aligns with the MITRE ATT&CK technique T1102.002 (Web Service: Bidirectional Communication).



Source: https://cybersecuritynews.com/gmails-smtp-protocol-abused/