CSAPP

PyPI's Terms of Use

Before you go hunting for malicious packages, it's important you know what PyPI considers an invalid project.


Last updated 1 year ago

PEP 541

PEP 541 defines what an invalid project is:

A project published on the Package Index meeting ANY of the following is considered invalid and will be removed from the Index:

  • project does not conform to Terms of Use;

  • project is malware (designed to exploit or harm systems or users directly, to facilitate command-and-control attacks, or perform data exfiltration);

  • project is spam (designed to advertise or solicit goods or services);

  • project contains illegal content;

  • project violates copyright, trademarks, patents, or licenses;

  • project is name squatting (package has no functionality or is empty);

  • project name, description, or content violates the Code of Conduct;

  • project uses obfuscation to hide or mask functionality; or

  • project is abusing the Package Index for purposes it was not intended.

Notice that a package does not have to contain malware for it to be considered invalid.

What to do if you find an invalid package?

If the package contains malware, then you should follow the guidelines on pypi.org/security/. Email security@pypi.org, providing the following details:

  • A URL to the project in question

  • An explanation of what makes the project a security issue

  • If applicable: a link to the problematic lines in the project's distributions via inspector.pypi.io

Valid malware reports may include examples of typo-squatting, dependency confusion, data exfiltration, obfuscation, command/control, etc.

The PyPI Inspector

inspector.pypi.io is a great tool for viewing the Python code inside of a package without downloading the package from pypi.org. If you are reporting a package for containing malware, then you should include a link to the malicious line(s) of code.

All you have to do is enter the package name and navigate to the target file, then select the line of code to get the link. You can also link multiple lines of code with #line.<start line num>-<end line num> at the end of your target file URL, like so: https://inspector.pypi.io/project/sampleproject/3.0.0/packages/67/2a/9f056e5fa36e43ef1037ff85581a2963cde420457de0ef29c779d41058ca/sampleproject-3.0.0.tar.gz/sampleproject-3.0.0/pyproject.toml#line.33-41

Note that the link identifies one exact distribution file (the version and the file hash are part of the URL), so quote the inspector link for the release you actually reviewed rather than the project page, which may change with a later upload.

I Found A Similar Named Package That Contains No Malware..

If you find a package whose name is similar to a popular package and could be considered typosquatting, but which contains no malware, then consider the following before reporting it:

  • Did the copycat package copy the exact description of the legitimate package?

  • Could the copycat package be a work-in-progress fork of the original package?

  • Review the user (maintainer) that uploaded the package.

    • If the user has a history of previous work on PyPI, then the package may be a legitimate fork.

    • If the user account was recently created and has little history of PyPI work, then consider it suspicious.

  • Consider informing the development team of the popular package about the copycat package.

    • You can leave the decision to report the copycat package in the hands of the development team. Popular packages on PyPI typically list an email under the Author field for contact.
