PyStoreRAT Supply Chain Malware Campaign
Targeted Sectors
· IT
· OSINT professionals
· software development supply chains (npm, PyPI, GitHub)
Targeted Countries
· Global
BLUF
A reportedly AI-driven campaign is abusing GitHub and public package registries to host and distribute a new malware family, PyStoreRAT, by planting it in popular open-source packages; once installed on a developer or build system, the payload steals credentials and data from IT and OSINT professionals.
Date of First Reported Activity
· December 11, 2025
Date of Last Reported Activity Update
· December 11, 2025
APT Names
· There are no known associations in public threat intelligence reports
Associated Criminal Organization Names
· There are no known associations in public threat intelligence reports
IOCs
Network-Based IOCs
· Suspicious Outbound Connections: Unusual outbound traffic from developer workstations or build environments to unknown IP addresses or dynamic DNS domains (e.g., *.dynamic-dns.com), especially when the originating process is a package installer or an interpreter it spawned.
· Command and Control (C2) URLs/IPs: The malware connects to a hardcoded C2 server. No C2 infrastructure for PyStoreRAT has been published in the sources reviewed here; the domains smartclick[.]org and ad-marketing[.]net are illustrative of the generic, ad-tech-style naming such campaigns favor and are not confirmed indicators.
· Unusual Ports/Protocols: Communications on non-standard ports or over unexpected protocols (e.g., DNS tunneling) from build or developer hosts are a strong indicator of compromise.
Host-Based IOCs
· Suspicious File Hashes: SHA256 hashes of the malicious Python script or its compiled executable payload are the most direct IOCs. None were available in open-source malware databases at the time of writing, so they must be obtained from current threat intelligence feeds (such as MalwareBazaar) as they are published.
· Malicious Files in Package Directories: Unexpected Python files (.py or .pyc) inside installed package directories (site-packages, dist-packages) that are heavily obfuscated (encoded or compressed blobs passed to exec/eval) or perform functions unrelated to the package's stated purpose.
· Persistence Mechanisms: New registry Run keys (Windows), scheduled tasks, or unexpected entries in startup folders that relaunch the malware after a reboot.
· Anomalous System Behavior: High or unusual CPU utilization. This is a generic indicator (characteristic, for example, of cryptocurrency miners) and is not specific to PyStoreRAT, whose reported objective is credential and data theft.
· Credential Theft Activity: Access to browser-stored data and password managers, or harvesting of secrets from .env files, configuration files, and CI/CD or cloud credential stores.
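The "obfuscated files in package directories" indicator is hard to act on by eye across a full site-packages tree. The following added example (written for this page, not recovered PyStoreRAT code and not a vendor rule) walks a package tree and flags two patterns that page-style loaders share: an exec/eval/compile call fed directly from a decoder or decompressor, and long, high-entropy string literals of the kind a packed second stage leaves on disk. The two sample files, the package name examplepkg and the entropy threshold are assumptions; tune the threshold against your own clean baseline.

```python
"""Static triage of an installed Python package tree for obfuscated loaders.

Added illustration for the host-based IOC above; not PyStoreRAT code and not
a vendor rule. It flags (1) exec/eval/compile fed directly from a decoder or
decompressor call and (2) long, high-entropy string literals typical of packed
payloads. The two samples at the bottom are constructed.
"""
import ast
import base64
import math
import os
import tempfile
from collections import Counter

# Decoder/decompressor callee names. Deliberately broad for triage: it also
# catches exec(data.decode()) style loaders, at the cost of some noise.
DECODERS = {"b64decode", "b32decode", "b85decode", "a85decode", "decompress",
            "loads", "decode", "unhexlify", "fromhex"}
EXEC_LIKE = {"exec", "eval", "compile"}
MIN_BLOB_LEN = 200        # shorter literals are too often legitimate (docstrings, SQL)
ENTROPY_THRESHOLD = 4.5   # bits/char: English prose ~4.0, base64 of packed data ~6.0


def shannon_entropy(s: str) -> float:
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def _callee(node: ast.Call) -> str:
    """Bare function name of a call: 'b64decode' for base64.b64decode(...)."""
    f = node.func
    return f.id if isinstance(f, ast.Name) else f.attr if isinstance(f, ast.Attribute) else ""


def _has_decoder(node: ast.AST) -> bool:
    return any(isinstance(n, ast.Call) and _callee(n) in DECODERS for n in ast.walk(node))


def scan_source(src: str, filename: str = "<string>") -> list:
    """Return human-readable findings for one Python source file (empty list = clean)."""
    try:
        tree = ast.parse(src, filename=filename)
    except SyntaxError as exc:
        return [f"{filename}: does not parse ({exc.msg}); inspect manually"]
    findings = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Call) and _callee(node) in EXEC_LIKE:
            if any(_has_decoder(arg) for arg in node.args):
                findings.append(f"{filename}:{node.lineno}: {_callee(node)}() of decoded/decompressed data")
        elif isinstance(node, ast.Constant) and isinstance(node.value, str):
            s = node.value
            if len(s) >= MIN_BLOB_LEN and shannon_entropy(s) >= ENTROPY_THRESHOLD:
                findings.append(f"{filename}:{node.lineno}: {len(s)}-char literal, entropy {shannon_entropy(s):.2f}")
    return findings


def scan_tree(root: str) -> dict:
    """Walk a site-packages/dist-packages tree; map path -> findings for files with hits."""
    hits = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            if name.endswith(".py"):
                path = os.path.join(dirpath, name)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    found = scan_source(fh.read(), path)
                if found:
                    hits[path] = found
    return hits


# Constructed samples. BLOB is base64 of a near-uniform byte sequence, which is what a
# packed second stage looks like on disk; it is not a real payload and is never executed.
BLOB = base64.b64encode(bytes(range(256)) * 2).decode()
BENIGN_SAMPLE = "import json\n\ndef load(path):\n    with open(path) as fh:\n        return json.load(fh)\n"
SUSPICIOUS_SAMPLE = f"import base64, zlib\n_p = '{BLOB}'\nexec(zlib.decompress(base64.b64decode(_p)))\n"

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        pkg = os.path.join(root, "site-packages", "examplepkg")   # assumed package name
        os.makedirs(pkg)
        for name, body in (("io_utils.py", BENIGN_SAMPLE), ("_compat.py", SUSPICIOUS_SAMPLE)):
            with open(os.path.join(pkg, name), "w") as fh:
                fh.write(body)
        for path, found in scan_tree(root).items():
            print(path)
            for line in found:
                print("  ", line)
```

Run it against a real tree with `scan_tree("/path/to/site-packages")`. Expect some noise from legitimate packages that embed large encoded resources; the combination of a high-entropy literal and an exec of decoded data in the same file is the signal worth escalating.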
CVEs and CVSS Vectors
· Not applicable; thus far the attack has relied on social engineering and platform abuse rather than exploitation of a software vulnerability.
Nessus ID
· Not applicable; the activity has not been tied to a CVE, so there is no corresponding Nessus plugin.
Mitigation Data
· Developers should validate the integrity and source of packages before inclusion: pin exact versions with hashes, review the maintainers and any recent ownership changes of new dependencies, and install in CI only from lockfiles.
· GitHub has been implementing tighter account security, such as mandatory 2FA for contributors, which raises the bar for the maintainer-account takeovers that let attackers push malicious releases.
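"Validate integrity before inclusion" is concrete only if it fails closed. The following added example (written for this page, not pip itself and not the page's code) mirrors the rule behind `pip install --require-hashes`: every requirement must be pinned to an exact version with at least one `--hash`, and the artifact about to be installed must match one of those digests. The lockfile, the package name examplepkg and the artifact bytes are constructed.

```python
"""Fail-closed verification of package artifacts against sha256 pins.

Added illustration of the 'validate integrity and source before inclusion'
mitigation; it is not pip itself and not the page's code. It mirrors the rule
behind `pip install --require-hashes`: every requirement must be pinned to an
exact version with at least one --hash, and the artifact about to be installed
must match one of them. The lockfile and artifact bytes below are constructed.
"""
import hashlib
import re
from dataclasses import dataclass, field

REQ_RE = re.compile(r"^(?P<name>[A-Za-z0-9][A-Za-z0-9._-]*)==(?P<version>[^\s\\]+)")
HASH_RE = re.compile(r"--hash=sha256:(?P<digest>[0-9a-f]{64})")


@dataclass
class Pin:
    name: str
    version: str
    sha256: set = field(default_factory=set)   # one digest per wheel/sdist published for the version


def canonical(name: str) -> str:
    """PEP 503 normalisation so 'Example_Pkg' and 'example-pkg' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_requirements(text: str) -> dict:
    """Parse a pip-style lockfile. Raises ValueError on any unpinned or hash-less line,
    because one unverified dependency defeats the whole lockfile."""
    pins = {}
    for line in text.replace("\\\n", " ").splitlines():   # join backslash continuations
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        m = REQ_RE.match(line)
        if not m:
            raise ValueError(f"not pinned to an exact version: {line!r}")
        digests = {h["digest"] for h in HASH_RE.finditer(line)}
        if not digests:
            raise ValueError(f"{m['name']}=={m['version']} carries no --hash")
        pins[canonical(m["name"])] = Pin(canonical(m["name"]), m["version"], digests)
    return pins


def lockfile_ok(text: str) -> bool:
    try:
        parse_requirements(text)
        return True
    except ValueError:
        return False


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def verify_artifact(pins: dict, name: str, artifact: bytes) -> bool:
    """True only if the package is in the lockfile and the artifact matches a pinned digest."""
    pin = pins.get(canonical(name))
    return pin is not None and sha256_hex(artifact) in pin.sha256


# Constructed artifacts standing in for a wheel and an sdist of the same release.
GOOD_WHEEL = b"PK\x03\x04 constructed examplepkg-1.0.0-py3-none-any.whl"
GOOD_SDIST = b"\x1f\x8b constructed examplepkg-1.0.0.tar.gz"
TROJANED_WHEEL = GOOD_WHEEL + b"\n# appended loader"   # same filename on the index, different bytes

LOCKFILE = (
    "# constructed lockfile; digests computed over the constructed bytes above\n"
    "examplepkg==1.0.0 \\\n"
    f"    --hash=sha256:{sha256_hex(GOOD_WHEEL)} \\\n"
    f"    --hash=sha256:{sha256_hex(GOOD_SDIST)}\n"
)
UNPINNED = "examplepkg>=1.0\n"      # floating version: rejected
HASHLESS = "examplepkg==1.0.0\n"    # exact version but no digest: rejected

if __name__ == "__main__":
    pins = parse_requirements(LOCKFILE)
    for label, blob in (("wheel", GOOD_WHEEL), ("sdist", GOOD_SDIST), ("trojaned wheel", TROJANED_WHEEL)):
        print(f"{label:15} {'OK' if verify_artifact(pins, 'ExamplePkg', blob) else 'REJECT'}")
    print("unpinned lockfile accepted:", lockfile_ok(UNPINNED))
```

The point of the all-or-nothing rule is that a single floating or hash-less requirement is exactly where a republished malicious version slips in; rejecting the whole lockfile forces the gap to be fixed rather than silently trusted.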
Malware Names
· PyStoreRAT, various infostealers.
Malware Samples
· No sample was found in open-source malware databases at the time of writing.
TTPs
· T1195.001: Supply Chain Compromise: Compromise Software Dependencies and Development Tools (malicious packages published to PyPI, npm, GitHub)
· T1566.001: Phishing: Spearphishing Attachment (potential initial compromise of maintainer accounts)
· T1552.001: Unsecured Credentials: Credentials In Files (.env and configuration files, CI/CD secrets, cloud keys)
· T1555.003: Credentials from Password Stores: Credentials from Web Browsers (browser-stored data)
Suggested Rules / potential hunts
Suggested Suricata rules
No published Suricata signatures for this campaign were found in the sources reviewed.
Suggested Sentinel rules
No published Sentinel analytics rules for this campaign were found in the sources reviewed.
Suggested Splunk hunts
· Monitor build and developer hosts for package installations (pip, npm) of packages that are newly published or not on an approved list, and for outbound connections from those hosts to GitHub repositories outside the organization's own, to dynamic DNS domains, or to destinations not seen in a recent baseline.
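The hunt above, and the network IOCs in the IOC section, reduce to three checks over egress records from build and developer hosts. The following added example (written for this page; not a published vendor or SIEM rule) runs those checks over JSON-lines connection records such as a proxy, Zeek or EDR sensor might export: dynamic-DNS destinations, GitHub fetches from owners outside an approved set, and destinations absent from a known-good baseline. The records, the approved owner exampleorg and the baseline are constructed; of the DDNS suffixes only *.dynamic-dns.com comes from the IOC list, the rest are well-known providers added as a starting point.

```python
"""Hunt over build-host egress records for the network IOCs listed above.

Added illustration, not a published vendor or SIEM rule: it reads JSON-lines
connection records as a proxy, Zeek or EDR sensor might export and flags
(1) dynamic-DNS destinations, (2) GitHub fetches from owners outside the
organisation's approved set, and (3) hosts absent from a known-good baseline.
The records, the approved owners and the baseline are constructed; of the DDNS
suffixes only *.dynamic-dns.com comes from the IOC list above, the others are
well-known providers and are meant to be extended.
"""
import json

DDNS_SUFFIXES = ("dynamic-dns.com", "duckdns.org", "no-ip.org", "ddns.net")
GITHUB_HOSTS = {"github.com", "raw.githubusercontent.com", "codeload.github.com",
                "objects.githubusercontent.com"}

APPROVED_GITHUB_OWNERS = {"exampleorg"}                    # constructed: your own org(s)
BASELINE_DOMAINS = {"pypi.org", "files.pythonhosted.org", "registry.npmjs.org",
                    "github.com", "raw.githubusercontent.com"}   # constructed 30-day baseline

# Constructed records. Note the shape of the interesting ones: right after pip talks
# to the index, a python3 child process reaches out to GitHub and to a DDNS host.
LOG = """\
{"ts": "2025-12-11T10:00:01Z", "src": "build-01", "process": "pip", "dest_host": "pypi.org", "path": "/simple/examplepkg/"}
{"ts": "2025-12-11T10:00:02Z", "src": "build-01", "process": "pip", "dest_host": "files.pythonhosted.org", "path": "/packages/examplepkg-1.0.0-py3-none-any.whl"}
{"ts": "2025-12-11T10:00:09Z", "src": "build-01", "process": "python3", "dest_host": "raw.githubusercontent.com", "path": "/exampleorg/tooling/main/config.toml"}
{"ts": "2025-12-11T10:00:10Z", "src": "build-01", "process": "python3", "dest_host": "raw.githubusercontent.com", "path": "/unrelated-user-4471/p/main/stage2.py"}
{"ts": "2025-12-11T10:00:11Z", "src": "build-01", "process": "python3", "dest_host": "update.dynamic-dns.com", "path": "/"}
{"ts": "2025-12-11T10:00:12Z", "src": "dev-laptop-07", "process": "python3", "dest_host": "cdn-metrics.example", "path": "/beacon"}
"""


def parse_jsonl(text: str) -> list:
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def is_ddns(host: str) -> bool:
    return any(host == s or host.endswith("." + s) for s in DDNS_SUFFIXES)


def github_owner(host: str, path: str):
    """Owner segment of a GitHub URL path, or None if the host is not GitHub."""
    if host not in GITHUB_HOSTS:
        return None
    parts = [p for p in path.split("/") if p]
    return parts[0].lower() if parts else None


def hunt(records: list, approved_owners: set, baseline: set) -> list:
    """Return one finding per suspicious record, listing every reason that fired."""
    findings = []
    for rec in records:
        host = rec["dest_host"].lower()
        reasons = []
        if is_ddns(host):
            reasons.append("dynamic-dns destination")
        owner = github_owner(host, rec.get("path", ""))
        if owner is not None and owner not in approved_owners:
            reasons.append(f"github fetch from unapproved owner '{owner}'")
        if host not in baseline:
            reasons.append("destination absent from baseline")
        if reasons:
            findings.append({"src": rec["src"], "process": rec.get("process"),
                             "dest_host": host, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in hunt(parse_jsonl(LOG), APPROVED_GITHUB_OWNERS, BASELINE_DOMAINS):
        print(f"{f['src']:14} {f['process']:8} {f['dest_host']:28} " + "; ".join(f["reasons"]))
```

The same three tests translate directly into a Splunk search over proxy or EDR network events: a suffix match for the DDNS list, a lookup of approved GitHub owners against the first path segment, and an outer join against a destination baseline built from the previous 30 days. Scope the search to build and developer hosts first; the owner check in particular is noisy on general workstations.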
Delivery Method
· Malicious packages published to public repositories (PyPI, npm, GitHub).
Email Samples
Not applicable; the malware is delivered through public package repositories rather than by email.
References
· PyStoreRAT: A New AI-Driven Supply Chain Malware Campaign Targeting IT & OSINT Professionals
· BleepingComputer, supply chain attack coverage: hxxps://www.bleepingcomputer.com/tag/supply-chain-attack/