RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes

A fresh set of 60 malicious packages has been uncovered targeting the RubyGems ecosystem by posing as seemingly innocuous automation tools for social media, blogging, or messaging services to steal credentials from unsuspecting users.

The activity is assessed to be active since at least March 2023, according to the software supply chain security company Socket. Cumulatively, the gems have been downloaded more than 275,000 times.

That said, it bears noting that the figure may not accurately represent the actual number of compromised systems, as not every download results in execution, and it’s possible several of these gems have been downloaded to a single machine.

“Since at least March 2023, a threat actor using the aliases zon, nowon, kwonsoonje, and soonje has published 60 malicious gems posing as automation tools for Instagram, Twitter/X, TikTok, WordPress, Telegram, Kakao, and Naver,” security researcher Kirill Boychenko said.

While the identified gems offered the promised functionality, such as bulk posting or engagement, they also harbored covert functionality to exfiltrate usernames and passwords to an external server under the threat actor’s control by displaying a simple graphical user interface to enter users’ credentials.

Some of the gems, such as njongto_duo and jongmogtolon, are notable for focusing on financial discussion platforms, with the libraries marketed as tools to flood investment-related forums with ticker mentions, stock narratives, and synthetic engagement to amplify visibility and manipulate public perception.

The servers that are used to receive the captured information include programzon[.]com, appspace[.]kr, and marketingduo[.]co[.]kr. These domains have been found to advertise bulk messaging, phone number scraping, and automated social media tools.

Victims of the campaign are likely to be grey-hat marketers who rely on such tools to run spam, search engine optimization (SEO), and engagement campaigns that artificially boost engagement.

“Each gem functions as a Windows-targeting infostealer, primarily (but not exclusively) aimed at South Korean users, as evidenced by Korean-language UIs and exfiltration to .kr domains,” Socket said. “The campaign evolved across multiple aliases and infrastructure waves, suggesting a mature and persistent operation.”

“By embedding credential theft functionality within gems marketed to automation-focused grey-hat users, the threat actor covertly captures sensitive data while blending into activity that appears legitimate.”

The development comes as GitLab detected multiple typosquatting packages on the Python Package Index (PyPI) that are designed to steal cryptocurrency from Bittensor wallets by hijacking the legitimate staking functions. The names of the Python libraries, which mimic bittensor and bittensor-cli, are below –

• bitensor (versions 9.9.4 and 9.9.5)
• bittenso-cli
• qbittensor
• bittenso

“The attackers appear to have specifically targeted staking operations for calculated reasons,” GitLab’s Vulnerability Research team said. “By hiding malicious code within legitimate-looking staking functionality, the attackers exploited both the technical requirements and user psychology of routine blockchain operations.”

The disclosure also follows new restrictions imposed by PyPI maintainers to secure Python package installers and inspectors from confusion attacks arising from ZIP parser implementations.

Put differently, PyPI said it will reject Python packages “wheels” (which are nothing but ZIP archives) that attempt to exploit ZIP confusion attacks and smuggle malicious payloads past manual reviews and automated detection tools.

“This has been done in response to the discovery that the popular installer uv has a different extraction behavior to many Python-based installers that use the ZIP parser implementation provided by the zipfile standard library module,” the Python Software Foundation’s (PSF) Seth Michael Larson said.

PyPI credited Caleb Brown from the Google Open Source Security Team and Tim Hatch from Netflix for reporting the issue. It also said it will warn users when they publish wheels whose ZIP contents don’t match the included RECORD metadata file.

“After 6 months of warnings, on February 1st, 2026, PyPI will begin rejecting newly uploaded wheels whose ZIP contents don’t match the included RECORD metadata file,” Larsen said.

Upgrade your audio game with the Logitech for Creators Blue Yeti USB Microphone. With over 33,730 ratings and an impressive 4.6 out of 5 stars, it’s no wonder this is an Amazon’s Choice product. Recently, 5K+ units were purchased in the past month.

Available in five stunning colors: Teal, Silver, Pink Dawn, Midnight Blue, and Blackout, this microphone is perfect for creators looking to produce exceptional audio. Priced at only $84.99, it’s a deal you can’t afford to miss.

Elevate your recordings with clear broadcast-quality sound and explore your creativity with enhanced effects, advanced modulation, and HD audio samples. Order now for just $84.99 on Amazon!

Help Power Techcratic’s Future – Scan To Support

If Techcratic’s content and insights have helped you, consider giving back by supporting the platform with crypto. Every contribution makes a difference, whether it’s for high-quality content, server maintenance, or future updates. Techcratic is constantly evolving, and your support helps drive that progress.

As a solo operator who wears all the hats, creating content, managing the tech, and running the site, your support allows me to stay focused on delivering valuable resources. Your support keeps everything running smoothly and enables me to continue creating the content you love. I’m deeply grateful for your support, it truly means the world to me! Thank you!