GitHub PoC Exploits Turn Into Malware Traps: ChocoPoC RAT Campaign Targets Cybersecurity Researchers Through Malicious Python Packages + Video

Listen to this Post

Featured ImageIntroduction: The Growing Danger Behind Trusted Security Tools

Cybersecurity professionals have long relied on proof-of-concept (PoC) exploits shared on GitHub to validate vulnerabilities, test defenses, and understand emerging threats. These repositories are often considered valuable learning resources, especially when new vulnerabilities capture global attention. But attackers are becoming increasingly creative. Instead of exploiting software alone, they are now exploiting the trust placed in open-source ecosystems.

A newly uncovered campaign demonstrates just how dangerous that trust can become. Rather than modifying exploit code directly, attackers quietly poisoned the software supply chain by embedding malicious Python packages into project dependencies. Victims who believed they were testing legitimate vulnerability exploits unknowingly installed a sophisticated remote access trojan called ChocoPoC, giving attackers full control over their systems.

Summary: Malware Hidden in Dependencies Instead of Exploits

Researchers from Sekoia have uncovered a sophisticated malware campaign distributing a Python-based remote access trojan known as ChocoPoC through multiple weaponized GitHub proof-of-concept repositories.

Unlike previous attacks where malware was directly inserted into exploit scripts, this campaign takes a far stealthier approach. The exploit code itself remains functional and appears legitimate. Instead, attackers modify the project’s dependency list so that cloning and installing the repository automatically downloads malicious Python packages from the Python Package Index (PyPI).

The infection begins with a seemingly harmless package named frint, which secretly installs another dependency called skytext. That package contains a compiled Python extension capable of decrypting hidden code during execution. The decrypted payload launches a downloader that retrieves the final ChocoPoC malware from a Mapbox dataset, helping attackers evade traditional security detection.

This technique transforms trusted development workflows into attack vectors, making the compromise extremely difficult to detect without carefully inspecting every dependency involved.

How the Infection Chain Works

The attack begins when a researcher clones what appears to be a legitimate GitHub repository containing a proof-of-concept exploit for a recently disclosed vulnerability.

During dependency installation, Python automatically downloads the package frint from PyPI. While the package appears harmless, its installation process silently installs another dependency called skytext.

The skytext package contains a compiled native extension that executes automatically when the exploit runs. Instead of exposing malicious code directly, it decrypts hidden Python instructions embedded within itself.

Those decrypted instructions contact a remotely hosted Mapbox dataset and download the final payload, ChocoPoC. By separating every stage of the infection chain, the attackers dramatically reduce the chances of static detection or manual code review revealing the malware.

Why This Supply Chain Technique Is More Dangerous

Traditional malicious repositories often expose suspicious scripts or obfuscated code that analysts can identify during inspection.

This campaign changes the rules.

The GitHub repository itself remains largely authentic, and the exploit continues working exactly as expected. The malicious behavior is delegated entirely to external Python dependencies that appear unrelated to the exploit.

Anyone reviewing only the exploit source code may conclude it is perfectly safe while completely overlooking the dependency chain responsible for installing malware.

This represents another evolution of software supply-chain attacks, where trust in package managers becomes the primary attack surface.

What ChocoPoC Can Do After Infection

Once installed, ChocoPoC provides attackers with extensive remote control over compromised systems.

Its capabilities include:

Executing arbitrary shell commands.

Running custom Python code remotely.

Uploading files and entire directories.

Stealing browser passwords.

Extracting authentication cookies.

Collecting autofill information.

Gathering browsing history.

Searching markdown documents and text files.

Harvesting database files.

Reading shell command history.

Collecting network configuration details.

Enumerating running processes.

Smaller stolen data is exfiltrated through Mapbox datasets, while larger files are uploaded through dedicated HTTP servers controlled by the attackers.

This combination enables both espionage and long-term persistence against targeted systems.

Popular Vulnerabilities Used as Bait

Researchers discovered at least seven malicious GitHub repositories distributing ChocoPoC by advertising exploits for recently disclosed vulnerabilities.

The fake repositories claimed to provide exploits for:

FortiWeb (CVE-2025-64446)

React2Shell (CVE-2025-55182)

MongoBleed (CVE-2025-14847)

PAN-OS (CVE-2026-0257)

Ivanti Sentry (CVE-2026-10520)

Check Point VPN (CVE-2026-50751)

Joomla SP Page Builder (CVE-2026-48908)

These highly publicized vulnerabilities generated significant attention across the cybersecurity community, increasing the likelihood that researchers would quickly clone and execute the repositories without performing detailed inspections.

Linux Systems Were the Primary Targets

Researchers observed approximately 2,400 downloads of the malicious skytext package.

Most installations occurred on Linux systems, reflecting the reality that penetration testers, malware analysts, and vulnerability researchers frequently perform their work using Linux environments.

The campaign experienced major spikes in downloads immediately following the public disclosure of trending vulnerabilities, suggesting attackers closely monitor cybersecurity news to maximize infection opportunities.

Evidence Suggests Compromised Developer Accounts

The campaign appears to have evolved over time.

Before using the packages frint and skytext, attackers distributed nearly identical malware using earlier packages named slogsec and logcrypt.cryptography.

Investigators also traced multiple GitHub committers involved in the campaign to email addresses that appeared in leaked credential databases.

According to

Rather than creating entirely new identities, the attackers likely hijacked legitimate developer accounts to increase the credibility of their repositories and PyPI uploads.

Why Security Researchers Have Become Prime Targets

Security researchers occupy a unique position within modern cybersecurity.

Unlike ordinary users, they intentionally execute untrusted software every day while investigating vulnerabilities, malware samples, and proof-of-concept exploits.

Attackers understand this behavior.

Compromising a researcher can provide access to proprietary vulnerability research, corporate VPN credentials, internal penetration-testing tools, cloud infrastructure, or confidential customer environments.

As a result, offensive security professionals have increasingly become high-value targets for sophisticated threat actors.

Defending Against Dependency-Based Malware

The discovery of ChocoPoC highlights the importance of verifying every component within an open-source project rather than trusting repository popularity or exploit functionality.

Organizations and independent researchers should:

Audit dependency lists before installation.

Pin trusted package versions.

Verify package maintainers.

Execute PoC exploits inside isolated virtual machines or containers.

Monitor outbound network traffic during testing.

Use sandbox environments for vulnerability validation.

Avoid running newly published GitHub repositories directly on production workstations.

Modern software supply-chain attacks frequently bypass traditional antivirus solutions because they rely on trusted development infrastructure rather than obvious malware downloads.

Deep Analysis: Investigating Suspicious Python Dependencies and Supply Chain Risks

Security researchers should validate every layer of a repository before execution. Useful Linux commands for investigating potentially malicious Python packages include:

Clone without executing anything
git clone https://github.com/example/project.git

Review dependency files

cat requirements.txt
cat pyproject.toml

Inspect setup scripts

find . -name "setup.py"
find . -name "setup.cfg"

Search for suspicious imports

grep -R subprocess .

grep -R exec( .

grep -R eval( .

grep -R __import__ .

Check installed packages

pip list

Inspect package metadata

pip show frint
pip show skytext

Download package without installing

pip download frint

Extract package contents

tar -xf .tar.gz

Search for compiled extensions

find . -name ".so"

Examine binary strings

strings .so

Review network connections

ss -tunap

Monitor processes

ps aux

Observe filesystem activity

inotifywait -m .

Trace execution

strace python exploit.py

Capture network traffic

tcpdump -i any

Analyze downloaded payloads

sha256sum 

Verify package signatures when available

gpg –verify

Create isolated environment

python3 -m venv lab

Run inside container

docker run --rm -it python:latest

Remove suspicious environment

rm -rf lab

These commands help investigators understand package behavior before allowing untrusted code to execute, significantly reducing exposure to dependency-based attacks.

What Undercode Say:

The ChocoPoC campaign is another reminder that modern cyberattacks are shifting away from exploiting software vulnerabilities alone and toward exploiting developer trust. The malicious repository is no longer the only concern. Today, every dependency, package manager, build script, installer, and external download endpoint represents another potential attack surface.

One of the most interesting aspects of this campaign is that the exploit code itself remains operational. This makes automated code review significantly less effective because analysts naturally focus on the exploit logic rather than package installation routines.

Dependency confusion and software supply-chain attacks continue to mature. Threat actors increasingly understand the workflows of developers, penetration testers, and security researchers, allowing them to weaponize tools that victims intentionally execute.

The abuse of PyPI demonstrates how attackers leverage trusted ecosystems rather than creating completely new infrastructure. Developers often assume packages hosted on official repositories are inherently trustworthy, yet package repositories remain attractive targets for malicious uploads.

Hosting the final payload inside a Mapbox dataset is equally noteworthy. Using legitimate cloud platforms helps malware blend into normal network traffic while avoiding many traditional indicators of compromise.

Linux dominance among victims also reflects current industry practices. Offensive security professionals overwhelmingly use Linux for vulnerability research, making it a logical operating system to prioritize.

The repeated use of compromised developer accounts further illustrates that identity security has become just as important as endpoint security. A trusted account can be more dangerous than sophisticated malware.

Organizations should begin treating software dependencies as executable code rather than harmless libraries. Every imported package deserves security validation.

Automated dependency scanning should become mandatory in research environments.

Containerized testing environments should replace direct execution on analyst workstations.

Repository popularity should never be confused with repository safety.

Recent publication dates should increase caution instead of trust.

The cybersecurity community must also recognize that attackers actively monitor vulnerability disclosures and rapidly publish fake repositories within hours.

Threat hunting should include monitoring newly published packages associated with trending CVEs.

Software Bills of Materials (SBOMs) may become increasingly valuable for tracking unexpected dependencies.

Behavioral monitoring remains more reliable than static analysis when dealing with staged payloads like ChocoPoC.

Python’s flexibility continues to make it attractive for both defenders and attackers.

Compiled Python extensions deserve greater scrutiny because they frequently bypass superficial source-code inspection.

Researchers should validate outbound network requests generated during exploit execution.

Network segmentation can significantly reduce post-compromise impact.

Package signing adoption remains inconsistent across many open-source ecosystems.

Open-source communities may need stronger maintainer verification mechanisms.

Cloud-hosted payloads will likely become increasingly common because they blend with legitimate services.

Security awareness training should include supply-chain attack simulations rather than focusing solely on phishing.

Modern attackers increasingly combine social engineering with technical sophistication.

Trust should always be earned through verification.

The future of software security depends not only on secure code but also on secure ecosystems.

✅ Verified: Researchers confirmed that ChocoPoC is distributed through malicious Python dependencies hosted on PyPI rather than directly embedded inside GitHub proof-of-concept exploit files.

✅ Verified: The malware is capable of executing remote commands, stealing browser credentials, collecting shell history, uploading files, and gathering extensive host information, making it a fully featured remote access trojan.

✅ Verified: Evidence indicates the campaign likely relied on compromised developer accounts to publish malicious packages and GitHub repositories, increasing the credibility of the attack while making detection more difficult.

Prediction

(+1) Supply-chain security tools capable of automatically analyzing dependency behavior before installation will become standard across enterprise development pipelines, significantly reducing successful attacks like ChocoPoC. 🔒📦

(-1) Threat actors will continue shifting toward dependency-based malware campaigns because developers and researchers increasingly depend on automated package managers, making software ecosystems one of the most attractive targets for future cyber espionage operations. ⚠️🕵️

▶️ Related Video (74% Match):

🕵️‍📝Let’s dive deep and fact‑check.

🎓 Live Courses & Certifications:

Join Undercode Academy for Verified Certifications

🚀 Request a Custom Project:

Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by Thousands

References:

Reported By: www.bleepingcomputer.com
Extra Source Hub (Possible Sources for article):
https://www.discord.com
Wikipedia
OpenAi & Undercode AI

Image Source:

Unsplash
Undercode AI DI v2

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow UndercodeNews & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon | 📺Youtube