Sonatype exposes malicious PyPI package ‘pytoileur’

Ryan Daws is a senior editor at TechForge Media with over a decade of experience in crafting compelling narratives and making complex topics accessible. His articles and interviews with industry leaders have earned him recognition as a key influencer by organisations like Onalytica. Under his leadership, publications have been praised by analyst firms such as Forrester for their excellence and performance. Connect with him on X (@gadget_ry) or Mastodon (

Sonatype has exposed ‘pytoileur’, a malicious PyPI package designed to download and install trojanised Windows binaries capable of surveillance, commandeering persistence, and stealing cryptocurrency. This discovery is part of a broader, months-long “Cool package” campaign aimed at infiltrating the coding community.

Yesterday, an automated malware detection system operated by Sonatype, known as the Sonatype Repository Firewall, flagged a newly published PyPI package called “pytoileur.” The malicious package, tracked as sonatype-2024-1783, had registered 264 downloads since its release before Sonatype alerted PyPI administrators to remove it.

The package described itself as a “Cool package.” with an HTML description claiming it to be “an API Management tool written in Python.” Intriguingly, it included a reference to “pystob,” a now-defunct package, indicating an attempt at typosquatting to deceive users of legitimate packages like “Pyston.”

Concealed malware

At first glance, the “” file within “pytoileur” seemed clean, but Sonatype security researcher Jeff Thornhill uncovered malicious code cleverly hidden with excessive white spaces. 

“While the base64 encoding is pretty standard in applications and doesn’t offer much in terms of masquerading malicious code, the author had attempted to ‘hide’ this particular encoded string from manual human review by injecting it after a print statement, and then including a paragraphs’ length of whitespace prior to the code,” Thornhill explained.

The base64-encoded payload was designed to target Windows users. It used Python commands to download a malicious executable from an external server (hxxp://51.77.140[.]144:8086/dl/runtime). The malicious binary, “Runtime.exe,” is executed using Windows PowerShell and VBScript commands. This executable employs anti-detection measures to avoid scrutiny and installs additional spyware capable of persistence, including info-stealing and crypto-jacking functionalities.

Targeting developers through StackOverflow

Ax Sharma, a researcher at Sonatype, discovered that the threat actor behind the ‘pytoileur’ malicious PyPI package is posting fake answers on StackOverflow, urging people to install the harmful package. 

This concern is magnified by the large presence of novice developers on StackOverflow, who are still learning and may fall victim to malicious advice.

Connection to ‘Cool package’

Further investigation revealed that “pytoileur” is part of a broader campaign linked to previously identified malicious packages. These packages, often described merely as “Cool package,” have employed similar deception techniques since 2023. They disguise themselves as API management tools or simplified versions of well-known utilities, targeting developers in various niches, including AI and machine learning.

One of the previous packages, “gpt-requests,” which appeared to target AI developers, also hid malicious payloads using whitespace. Similar to “pytoileur,” these payloads download trojanised binaries intended for spying and data theft.

The “lalalaopti” package is particularly noteworthy as it contained plaintext Python code modules for clipboard hijacking, keylogging, remote webcam access, and screenshot capture, further highlighting the malicious intent of the threat actors behind this campaign.

Sonatype and Checkmarx researchers have identified several malicious packages linked to this campaign, including:

  • gogogolokl
  • gpt-requests
  • kokokoako
  • lalalaopti
  • pybowl
  • pyclack
  • pyefflorer
  • pyhjdddo
  • pyhulul
  • pyioapso
  • pyjio
  • pyjoul
  • pykokalalz
  • pykooler
  • pyktrkatoo
  • pylioner
  • pyminor
  • pyowler
  • pypiele
  • pystallerer
  • pystob
  • pytarlooko
  • pytasler
  • pytoileur
  • pywolle
  • pywool

The resurgence of the “Cool package” campaign through “pytoileur” demonstrates the persistent threats posed by malicious actors in software development environments. As similar threats emerge, Sonatype says it will continue to expand its blocklists and safeguard the developer community.

(Photo by Kadarius Seegars)

See also: Phylum uncovers targeted malware disguised in Python package

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. The comprehensive event is co-located with other leading events including BlockX, Digital Transformation Week, IoT Tech Expo and AI & Big Data Expo.

Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Tags: , , , , , , , , , ,

View Comments
Leave a comment

One comment on “Sonatype exposes malicious PyPI package ‘pytoileur’

  1. Daniel Max on

    This is a crucial and informative piece. The detection of the ‘pytoileur’ package by Sonatype highlights the ongoing threats in software development. The detailed examination of how malicious actors conceal their code and target developers through platforms like Stack Overflow is particularly alarming. Sonatype’s proactive measures are commendable and essential for safeguarding the community. This article serves as a strong reminder for developers to stay vigilant and prioritize security in their practices. Excellent work on shedding light on these critical issues.


Leave a Reply

Your email address will not be published. Required fields are marked *