OceanLotus Group Infiltrates PyPI in Sophisticated Supply Chain Attack, Delivering Novel ZiChatBot Malware
Breaking News: OceanLotus Strikes Python Package Index
Security researchers have uncovered a targeted supply chain attack on the Python Package Index (PyPI) linked to the notorious OceanLotus threat group. The attack, active since July 2025, uses malicious wheel packages to stealthily deliver a previously unknown malware family named ZiChatBot.
Key finding: The malware leverages public REST APIs from the team chat app Zulip as its command-and-control (C2) infrastructure, avoiding traditional C2 servers. This novel technique makes detection and takedown more challenging.
Attack Details
Malicious Packages Identified
Three fake libraries were uploaded to PyPI: uuid32-utils, colorinal, and termncolor. Their names mimic popular utilities to trick developers into downloading them via pip.
According to PyPI metadata, the packages were first uploaded on July 16 and July 22, 2025. The authors used encrypted email services — Tutanota and ProtonMail — to hide their identities.
Analysis by Kaspersky’s Threat Attribution Engine (KTAE) linked the packages to OceanLotus, an advanced persistent threat group. “The attacker created a benign-looking package that included the malicious one as a dependency, confirming a carefully planned campaign,” said a Kaspersky researcher.
Infection Mechanism
The wheel packages act as droppers. Once installed, they deliver either a .DLL (Windows) or .SO (Linux) shared library payload. This enables the malware to target both platforms.
These libraries execute a two-stage infection: first downloading a secondary payload, then deploying ZiChatBot. The malware communicates over Zulip’s REST APIs, blending in with legitimate traffic.
Background
OceanLotus (also known as APT32 or SeaLotus) is a state-sponsored group primarily targeting Southeast Asian countries. It has previously used watering holes and spear-phishing to deploy custom malware.
PyPI, the official third-party software repository for Python, has become a frequent vector for supply chain attacks. Recent incidents include malicious packages that exfiltrate environment variables or install cryptominers.
What This Means
This attack underscores the need for developers to verify the integrity of open-source dependencies before installing. The use of Zulip as C2 highlights how attackers weaponize legitimate services to evade detection.
Security teams should monitor for suspicious Zulip API calls and restrict outbound traffic to known benign services. Enterprises using Python packages should audit their dependencies for these specific libraries.
“Supply chain attacks are on the rise, and this one shows a high degree of sophistication,” commented a CISA spokesperson. “We recommend organizations implement software bill of materials (SBOM) practices.”
Related Articles
- Navigating Belgium's Nuclear Reversal: A Step-by-Step Guide to Reviving Nuclear Power
- Massive Open Source Supply Chain Attack Steals Credentials from 1 Million Monthly Users
- Unmasking the OceanLotus PyPI Attack: ZiChatBot Malware Explained
- A CISO's Guide to Preventing Insider Threats: Lessons from the Snowden Leak
- Former Ransomware Negotiators Sentenced to Prison for Involvement in BlackCat Cyberattacks
- Deceptive Call History Apps: How 7.3 Million Downloads Led to Payment Theft
- Critical Vulnerability in Third-Party Tar Crate Affects Rust's Cargo Package Manager
- Silver Fox Group Deploys Novel ABCDoor Backdoor in Tax-Themed Phishing Campaigns Targeting India and Russia