Listen to this Post
Introduction: When Curiosity Becomes the Entry Point for Attack
In the fast-moving world of cybersecurity research, speed is everything. New vulnerabilities are published, and within hours, proof-of-concept (PoC) exploits begin circulating across GitHub, forums, and private channels. Researchers rush to validate, reproduce, and understand them. But this urgency has created a dangerous blind spot. A new campaign shows that attackers are no longer targeting end users—they are targeting the people who defend everyone else. The malware known as “ChocoPoC” is turning trusted research workflows into infection vectors, quietly compromising penetration testers and vulnerability researchers through fake exploit repositories.
Summary of the Original Report: A Weaponized Research Ecosystem
The investigation reveals a highly sophisticated supply chain attack targeting cybersecurity professionals. Attackers are uploading fake PoC repositories on GitHub that mimic legitimate exploit code for recently disclosed vulnerabilities such as Joomla RCE (CVE-2026-48908), FortiWeb path traversal (CVE-2025-64446), and React2Shell (CVE-2025-55182). Once cloned and executed, these repositories install malicious Python dependencies that deploy a stealthy Remote Access Trojan. The malware hides inside seemingly harmless packages like “frint” and “skytext,” ultimately giving attackers full access to infected systems, including credential theft, file scanning, and remote command execution.
The Trap: How Fake GitHub Proof-of-Concepts Lure Researchers
Attackers understand the psychology of urgency. When a critical vulnerability drops, researchers instinctively search for working PoCs to test exploitation paths. The malicious GitHub repositories exploit this exact behavior. They appear legitimate, often including clean documentation, realistic exploit scripts, and professional formatting. However, the real payload is never in the visible code—it is buried deep in dependency chains that are automatically installed when running a simple pip install -r requirements.txt. This turns a trusted testing workflow into a silent infection pipeline.
Dependency Poisoning: The Hidden Engine Behind ChocoPoC
The core of this attack lies in Python’s dependency ecosystem. Instead of directly embedding malicious code, attackers poison transitive dependencies. Packages like “frint” and “skytext” look harmless on the surface. “skytext” even presents itself as a terminal styling utility. But inside compiled binaries, obfuscated malware is waiting. Because Python prioritizes native extensions, the malicious code loads before the researcher even inspects the script, effectively hijacking the environment at runtime.
Advanced Evasion: Why Sandboxes Fail to Detect It
ChocoPoC is not a typical RAT. It is engineered to remain dormant unless very specific conditions are met. It verifies the runtime environment by hashing loaded Python module names and checking for the exact structure of the intended exploit script. If it detects a sandbox, incomplete execution context, or unrelated environment, it refuses to activate. This selective detonation makes it extremely difficult for automated security tools to flag it during analysis, allowing it to bypass conventional malware detection pipelines.
Command and Control via Mapbox: A Clever Disguise
One of the most alarming aspects of this campaign is its communication strategy. Instead of using obvious command-and-control servers, ChocoPoC abuses Mapbox infrastructure as a dead-drop channel. It connects via HTTPS using a custom adapter that enforces Server Name Indication (SNI) to api.mapbox.com. To network monitoring systems, the traffic looks like normal Mapbox API requests. In reality, it is a covert channel used to receive instructions and exfiltrate stolen data.
What Happens After Infection: Silent but Complete Control
Once activated, the RAT provides attackers with deep access to the victim’s system. It can extract browser-stored credentials, scan for database files, enumerate local development environments, and execute arbitrary shell commands. For penetration testers, this is particularly devastating because infected machines often contain sensitive client data, exploit code, and privileged access tokens.
Malicious PyPI Packages Identified
skytext 1.1.0 → 93739477cd379adef95126b22758c0e644282d2028dd297328ce856fa111dd06
frint 0.1.2 → 17997e9e0256d0f5d5d21a4852c37f16b338e4bb9c2bec09bdfd822b24aa76b4
slogsec → 5abd45d6f4a1705dca55d882f017d4768888dce9ad99cea40b3da35c23de5cae
What Undercode Say:
The attack shows a shift from end-user malware to researcher-targeted exploitation chains.
GitHub has become a trusted distribution vector for weaponized PoC traps.
Dependency ecosystems are now as dangerous as the primary exploit code itself.
Python packaging trust is being actively abused at scale.
Attackers rely on urgency-driven behavior in vulnerability research cycles.
Compiled Python extensions are increasingly used for stealth payload delivery.
Sandboxes fail because execution is conditionally gated.
Environment fingerprinting is used to evade analysis systems.
Mapbox domain usage indicates advanced traffic blending techniques.
Domain fronting remains effective against naive network monitoring.
Supply chain attacks are now targeting dev tooling, not just production systems.
Researchers unintentionally become initial access brokers for attackers.
Fake PoCs exploit trust in open-source collaboration culture.
Transitive dependencies are the weakest link in Python security.
Malware is shifting toward “execute-only-on-target” logic.
Static analysis tools fail due to binary obfuscation layers.
Credential harvesting is prioritized over immediate system disruption.
Attackers prefer stealth persistence over noisy ransomware behavior.
Development environments are high-value intelligence targets.
Security tooling must evolve beyond dependency scanning.
Signed packages alone are not sufficient trust indicators.
GitHub repositories require behavioral validation, not just code review.
Automated PoC execution pipelines increase exposure risk.
Malware uses legitimate APIs to avoid detection thresholds.
Research workflows lack isolation boundaries by default.
Python’s import resolution order is being weaponized.
Compiled wheels create opaque attack surfaces.
Environmental checks act as anti-analysis mechanisms.
Threat actors are studying cybersecurity research behavior patterns.
Supply chain poisoning is shifting toward niche professional groups.
Attackers exploit urgency spikes after CVE disclosures.
Trust in “community PoCs” is a systemic vulnerability.
Network traffic mimicry reduces detection confidence.
Persistence mechanisms are designed to avoid forensic triggers.
Multi-layer obfuscation is now standard in research-targeted malware.
Attackers prefer slow data exfiltration over fast detection triggers.
Security researchers need isolated execution environments by default.
Dependency verification must include runtime behavior analysis.
Open-source ecosystems require stronger provenance tracking.
ChocoPoC represents a new class of researcher-specific cyber weapons.
❌ Claims of specific CVE exploitation cannot be independently verified without official advisories confirming ChocoPoC linkage.
✅ Supply chain attacks via malicious Python dependencies are a well-documented and ongoing threat vector.
❌ Mapbox-based command-and-control usage is plausible but not universally confirmed across independent incident reports.
✅ GitHub-based fake PoC repositories have historically been used in real-world malware distribution campaigns.
❌ Exact package hashes and attribution require external validation from PyPI or threat intelligence feeds.
Prediction
(+1) Attackers will increasingly target cybersecurity researchers with tailored supply-chain malware hidden in PoC ecosystems 🧠
(+1) Dependency-based attacks in Python and Node.js ecosystems will continue to rise as primary infection vectors 🔐
(-1) Defensive tooling may struggle to fully detect conditional-execution malware without major architectural changes ⚠️
Deep Analysis (System & Security Response Perspective)
Inspect installed Python packages for suspicious binaries pip list --format=freeze
Check compiled extensions inside packages
find ~/.local/lib/python/site-packages -name ".so" -o -name ".pyd"
Analyze dependency tree of a PoC project
pip install pipdeptree pipdeptree
Monitor outbound connections during PoC execution
sudo netstat -tulnp | grep python
Sandbox execution using isolated environment
python3 -m venv sandbox_env source sandbox_env/bin/activate
Trace Python imports at runtime
python -v exploit.py
Check for suspicious processes spawned by Python
ps aux | grep python
Inspect DNS queries for C2 anomalies
sudo tcpdump -i any port 53
Verify integrity of installed PyPI packages
pip install pip-audit pip-audit
Static scan of repository before execution
bandit -r .
▶️ Related Video (78% Match):
🕵️📝Let’s dive deep and fact‑check.
🎓 Live Courses & Certifications:
Join Undercode Academy for Verified Certifications
🚀 Request a Custom Project:
Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by Thousands
References:
Reported By: cyberpress.org
Extra Source Hub (Possible Sources for article):
https://www.reddit.com/r/AskReddit
Wikipedia
OpenAi & Undercode AI
Image Source:
Unsplash
Undercode AI DI v2
🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]
📢 Follow UndercodeNews & Stay Tuned:
𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon | 📺Youtube




