ChocoPoC Nightmare: Fake GitHub Exploits Turn Python PoC Research Into a Silent Remote Access Takeover + Video

Listen to this Post

Featured ImageIntroduction: When Curiosity Becomes the Entry Point for Attack

In the fast-moving world of cybersecurity research, speed is everything. New vulnerabilities are published, and within hours, proof-of-concept (PoC) exploits begin circulating across GitHub, forums, and private channels. Researchers rush to validate, reproduce, and understand them. But this urgency has created a dangerous blind spot. A new campaign shows that attackers are no longer targeting end users—they are targeting the people who defend everyone else. The malware known as “ChocoPoC” is turning trusted research workflows into infection vectors, quietly compromising penetration testers and vulnerability researchers through fake exploit repositories.

Summary of the Original Report: A Weaponized Research Ecosystem

The investigation reveals a highly sophisticated supply chain attack targeting cybersecurity professionals. Attackers are uploading fake PoC repositories on GitHub that mimic legitimate exploit code for recently disclosed vulnerabilities such as Joomla RCE (CVE-2026-48908), FortiWeb path traversal (CVE-2025-64446), and React2Shell (CVE-2025-55182). Once cloned and executed, these repositories install malicious Python dependencies that deploy a stealthy Remote Access Trojan. The malware hides inside seemingly harmless packages like “frint” and “skytext,” ultimately giving attackers full access to infected systems, including credential theft, file scanning, and remote command execution.

The Trap: How Fake GitHub Proof-of-Concepts Lure Researchers

Attackers understand the psychology of urgency. When a critical vulnerability drops, researchers instinctively search for working PoCs to test exploitation paths. The malicious GitHub repositories exploit this exact behavior. They appear legitimate, often including clean documentation, realistic exploit scripts, and professional formatting. However, the real payload is never in the visible code—it is buried deep in dependency chains that are automatically installed when running a simple pip install -r requirements.txt. This turns a trusted testing workflow into a silent infection pipeline.

Dependency Poisoning: The Hidden Engine Behind ChocoPoC

The core of this attack lies in Python’s dependency ecosystem. Instead of directly embedding malicious code, attackers poison transitive dependencies. Packages like “frint” and “skytext” look harmless on the surface. “skytext” even presents itself as a terminal styling utility. But inside compiled binaries, obfuscated malware is waiting. Because Python prioritizes native extensions, the malicious code loads before the researcher even inspects the script, effectively hijacking the environment at runtime.

Advanced Evasion: Why Sandboxes Fail to Detect It

ChocoPoC is not a typical RAT. It is engineered to remain dormant unless very specific conditions are met. It verifies the runtime environment by hashing loaded Python module names and checking for the exact structure of the intended exploit script. If it detects a sandbox, incomplete execution context, or unrelated environment, it refuses to activate. This selective detonation makes it extremely difficult for automated security tools to flag it during analysis, allowing it to bypass conventional malware detection pipelines.

Command and Control via Mapbox: A Clever Disguise

One of the most alarming aspects of this campaign is its communication strategy. Instead of using obvious command-and-control servers, ChocoPoC abuses Mapbox infrastructure as a dead-drop channel. It connects via HTTPS using a custom adapter that enforces Server Name Indication (SNI) to api.mapbox.com. To network monitoring systems, the traffic looks like normal Mapbox API requests. In reality, it is a covert channel used to receive instructions and exfiltrate stolen data.

What Happens After Infection: Silent but Complete Control

Once activated, the RAT provides attackers with deep access to the victim’s system. It can extract browser-stored credentials, scan for database files, enumerate local development environments, and execute arbitrary shell commands. For penetration testers, this is particularly devastating because infected machines often contain sensitive client data, exploit code, and privileged access tokens.

Malicious PyPI Packages Identified

skytext 1.1.0 → 93739477cd379adef95126b22758c0e644282d2028dd297328ce856fa111dd06

frint 0.1.2 → 17997e9e0256d0f5d5d21a4852c37f16b338e4bb9c2bec09bdfd822b24aa76b4

slogsec → 5abd45d6f4a1705dca55d882f017d4768888dce9ad99cea40b3da35c23de5cae

What Undercode Say:

The attack shows a shift from end-user malware to researcher-targeted exploitation chains.

GitHub has become a trusted distribution vector for weaponized PoC traps.

Dependency ecosystems are now as dangerous as the primary exploit code itself.

Python packaging trust is being actively abused at scale.

Attackers rely on urgency-driven behavior in vulnerability research cycles.

Compiled Python extensions are increasingly used for stealth payload delivery.

Sandboxes fail because execution is conditionally gated.

Environment fingerprinting is used to evade analysis systems.

Mapbox domain usage indicates advanced traffic blending techniques.

Domain fronting remains effective against naive network monitoring.

Supply chain attacks are now targeting dev tooling, not just production systems.

Researchers unintentionally become initial access brokers for attackers.

Fake PoCs exploit trust in open-source collaboration culture.

Transitive dependencies are the weakest link in Python security.

Malware is shifting toward “execute-only-on-target” logic.

Static analysis tools fail due to binary obfuscation layers.

Credential harvesting is prioritized over immediate system disruption.

Attackers prefer stealth persistence over noisy ransomware behavior.

Development environments are high-value intelligence targets.

Security tooling must evolve beyond dependency scanning.

Signed packages alone are not sufficient trust indicators.

GitHub repositories require behavioral validation, not just code review.

Automated PoC execution pipelines increase exposure risk.

Malware uses legitimate APIs to avoid detection thresholds.

Research workflows lack isolation boundaries by default.

Python’s import resolution order is being weaponized.

Compiled wheels create opaque attack surfaces.

Environmental checks act as anti-analysis mechanisms.

Threat actors are studying cybersecurity research behavior patterns.

Supply chain poisoning is shifting toward niche professional groups.

Attackers exploit urgency spikes after CVE disclosures.

Trust in “community PoCs” is a systemic vulnerability.

Network traffic mimicry reduces detection confidence.

Persistence mechanisms are designed to avoid forensic triggers.

Multi-layer obfuscation is now standard in research-targeted malware.

Attackers prefer slow data exfiltration over fast detection triggers.

Security researchers need isolated execution environments by default.

Dependency verification must include runtime behavior analysis.

Open-source ecosystems require stronger provenance tracking.

ChocoPoC represents a new class of researcher-specific cyber weapons.

❌ Claims of specific CVE exploitation cannot be independently verified without official advisories confirming ChocoPoC linkage.

✅ Supply chain attacks via malicious Python dependencies are a well-documented and ongoing threat vector.

❌ Mapbox-based command-and-control usage is plausible but not universally confirmed across independent incident reports.

✅ GitHub-based fake PoC repositories have historically been used in real-world malware distribution campaigns.

❌ Exact package hashes and attribution require external validation from PyPI or threat intelligence feeds.

Prediction

(+1) Attackers will increasingly target cybersecurity researchers with tailored supply-chain malware hidden in PoC ecosystems 🧠
(+1) Dependency-based attacks in Python and Node.js ecosystems will continue to rise as primary infection vectors 🔐
(-1) Defensive tooling may struggle to fully detect conditional-execution malware without major architectural changes ⚠️

Deep Analysis (System & Security Response Perspective)

Inspect installed Python packages for suspicious binaries
pip list --format=freeze

Check compiled extensions inside packages

find ~/.local/lib/python/site-packages -name ".so" -o -name ".pyd"

Analyze dependency tree of a PoC project

pip install pipdeptree
pipdeptree

Monitor outbound connections during PoC execution

sudo netstat -tulnp | grep python

Sandbox execution using isolated environment

python3 -m venv sandbox_env
source sandbox_env/bin/activate

Trace Python imports at runtime

python -v exploit.py

Check for suspicious processes spawned by Python

ps aux | grep python

Inspect DNS queries for C2 anomalies

sudo tcpdump -i any port 53

Verify integrity of installed PyPI packages

pip install pip-audit
pip-audit

Static scan of repository before execution

bandit -r .

▶️ Related Video (78% Match):

🕵️‍📝Let’s dive deep and fact‑check.

🎓 Live Courses & Certifications:

Join Undercode Academy for Verified Certifications

🚀 Request a Custom Project:

Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by Thousands

References:

Reported By: cyberpress.org
Extra Source Hub (Possible Sources for article):
https://www.reddit.com/r/AskReddit
Wikipedia
OpenAi & Undercode AI

Image Source:

Unsplash
Undercode AI DI v2

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow UndercodeNews & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon | 📺Youtube