Introduction: When Security Research Becomes the Attack Surface
The cybersecurity community has long relied on publicly shared proof-of-concept (PoC) exploits to validate vulnerabilities, improve defenses, and understand emerging threats. GitHub repositories and open-source package ecosystems have become essential tools for researchers, penetration testers, and defenders worldwide. Unfortunately, attackers are increasingly exploiting that trust.
A newly uncovered malware campaign demonstrates just how dangerous the software supply chain has become. Instead of modifying exploit code itself, attackers quietly weaponized the dependency chain surrounding legitimate-looking PoC repositories. The result is ChocoPoC, a sophisticated Python-based Remote Access Trojan (RAT) capable of silently compromising researchers who believe they are simply testing newly disclosed vulnerabilities.
This campaign represents another evolution in supply chain attacks, proving that today’s most dangerous malware may not hide inside the exploit itself, but within the libraries automatically installed alongside it.
A New Supply Chain Attack Hidden Inside GitHub PoCs
Cybersecurity researchers have uncovered multiple malicious GitHub repositories distributing weaponized proof-of-concept exploits that secretly install a powerful Python-based Remote Access Trojan known as ChocoPoC.
Unlike traditional malware campaigns that inject malicious code directly into exploit files, this operation takes a far more deceptive approach. The exploit code itself remains largely untouched, making it appear completely legitimate during casual inspection. Instead, attackers hide malicious functionality within external Python packages automatically installed as dependencies.
This subtle strategy significantly increases the likelihood that experienced researchers will overlook the compromise.
How the Infection Chain Works
The infection begins when a researcher clones what appears to be a legitimate GitHub repository containing a vulnerability exploit.
During installation, Python automatically downloads a package named frint from the Python Package Index (PyPI). At first glance, the package appears harmless.
However, frint silently installs another dependency called skytext, which contains a compiled native Python extension.
Once the exploit executes, that extension automatically activates, decrypting hidden Python code embedded within itself. This decrypted code launches a downloader that retrieves the final ChocoPoC payload from a dataset hosted on the Mapbox platform.
Because every stage appears separated into legitimate components, the attack successfully avoids many traditional detection techniques.
Why This Technique Is Particularly Dangerous
Most malware hidden inside PoC exploits can eventually be identified by examining the exploit script itself.
ChocoPoC changes that assumption entirely.
The exploit remains functional, making researchers believe the repository is trustworthy after successful testing. The malicious behavior exists entirely within dependency packages that many users install without reviewing.
Modern Python development heavily depends on third-party packages, making this attack especially effective against developers, security engineers, and vulnerability researchers.
The campaign exploits trust in the software supply chain rather than exploiting weaknesses in exploit code.
Powerful Remote Access Trojan Capabilities
Once installed, ChocoPoC grants attackers extensive control over compromised systems.
Its capabilities include:
Executing arbitrary shell commands remotely
Running Python code on infected systems
Uploading files and directories
Stealing browser passwords
Extracting cookies
Collecting autofill information
Harvesting browser history
Searching markdown documents
Scanning text files
Extracting database files
Gathering shell command history
Enumerating running processes
Collecting network configuration details
Together, these capabilities allow attackers to perform full post-compromise reconnaissance while stealing valuable research materials and credentials.
Mapbox Used as an Unusual Malware Infrastructure
One of the more interesting aspects of the campaign is its abuse of Mapbox datasets.
Rather than hosting malware on suspicious infrastructure, attackers stored portions of the payload within Mapbox-hosted datasets.
This approach helps blend malicious traffic with legitimate cloud services that organizations often allow through firewalls without inspection.
Meanwhile, larger stolen files are uploaded separately using dedicated HTTP servers controlled by the attackers.
Using trusted cloud platforms as malware infrastructure continues to become a recurring trend among sophisticated threat actors.
Multiple High-Profile Vulnerabilities Used as Bait
Researchers identified at least seven GitHub repositories distributing the ChocoPoC malware while pretending to offer exploits for recently disclosed vulnerabilities.
The fake repositories targeted vulnerabilities affecting products including:
FortiWeb
React2Shell
MongoBleed
PAN-OS
Ivanti Sentry
Check Point VPN
Joomla SP Page Builder
Each repository appeared to offer timely exploit code for high-profile security issues, increasing the likelihood that researchers would clone and execute them quickly.
The campaign cleverly capitalized on the urgency surrounding newly disclosed vulnerabilities.
Linux Researchers Were the Primary Victims
Investigators observed that the malicious skytext package had been downloaded approximately 2,400 times.
Most downloads originated from Linux systems.
This finding is not surprising, as Linux remains the preferred operating system for penetration testers, malware analysts, red team operators, and cybersecurity researchers.
The download spikes closely matched the public disclosure of popular vulnerabilities, suggesting attackers intentionally synchronized their fake repositories with industry news to maximize infections.
The Campaign Shows Signs of Continuous Evolution
This operation did not begin with the frint and skytext packages.
Earlier versions relied on packages named slogsec and logcrypt.cryptography, both of which delivered nearly identical ChocoPoC payloads.
The repeated replacement of malicious package names indicates that the attackers continuously adapt once previous packages are detected and removed.
Such behavior reflects an organized operation rather than a one-time experiment.
Evidence Suggests Attackers Used Compromised Developer Accounts
Although researchers have not publicly attributed the campaign to a known threat group, forensic evidence points toward compromised developer accounts.
Several GitHub committer email addresses were connected to previous trojanized PoC campaigns observed during late 2025.
Credential leak databases contained usernames and passwords associated with multiple accounts involved in publishing the malicious packages.
Researchers believe with high confidence that the attackers primarily relied on compromised accounts to upload both malicious PyPI packages and GitHub repositories.
This tactic significantly increases credibility because the repositories appear to originate from legitimate developers.
Researchers Must Rethink Trust in Open Source
For years, many cybersecurity professionals assumed that carefully reviewing exploit source code was sufficient before execution.
ChocoPoC proves that assumption is no longer enough.
Every dependency, installer script, package signature, and external download source must now be considered part of the attack surface.
Supply chain attacks continue moving away from obvious malware and toward hidden components embedded throughout software ecosystems.
Blindly installing dependencies from public repositories is becoming an increasingly dangerous habit.
Best Practices to Stay Protected
Researchers and penetration testers should adopt stronger operational security practices when handling public PoCs.
Recommended defensive measures include:
Always execute untrusted PoCs inside isolated virtual machines.
Use disposable laboratory environments.
Review every dependency before installation.
Pin package versions whenever possible.
Monitor outbound network connections during execution.
Scan downloaded packages before installation.
Avoid using production workstations for exploit testing.
Verify repository reputation and contributor history.
Inspect package installation scripts.
Treat every third-party dependency as potentially hostile.
Modern software supply chain attacks require equally modern defensive strategies.
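The "review every dependency before installation" step, applied to the chain described earlier (a harmless-looking package that pulls in a second one carrying a compiled extension), can be done statically on downloaded wheel files. The following is an added example, not code from the campaign or from the original report: it reads each wheel's declared dependencies and lists compiled files without installing or importing anything. The helper names and the in-memory sample wheels are assumptions constructed for illustration.

```python
import io, re, zipfile

NATIVE = (".so", ".pyd", ".dylib", ".dll")
REQ = re.compile(r"^Requires-Dist:\s*([A-Za-z0-9._-]+)", re.I)

def make_wheel(name, requires=(), files=()):
    """Constructed sample input: a minimal wheel-shaped zip built in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        meta = [f"Name: {name}"] + [f"Requires-Dist: {r}" for r in requires]
        zf.writestr(f"{name}-0.0.0.dist-info/METADATA", "\n".join(meta) + "\n")
        for path in files:
            zf.writestr(path, b"constructed placeholder")
    return buf.getvalue()

def inspect_wheel(data):
    """Return (declared dependencies, compiled files) without importing anything."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = zf.namelist()
        meta = next(n for n in names if n.endswith(".dist-info/METADATA"))
        lines = zf.read(meta).decode("utf-8", "replace").splitlines()
    requires = []
    for line in lines:
        if not line.strip():
            break  # headers end at the first blank line; the rest is description
        if m := REQ.match(line):
            requires.append(m.group(1).lower())
    return requires, [n for n in names if n.lower().endswith(NATIVE)]

def native_chains(roots, wheels):
    """Map each dependency chain ending in a package with compiled code to its files."""
    findings, seen, stack = {}, set(), [(r,) for r in roots]
    while stack:
        chain = stack.pop()
        pkg = chain[-1]
        if pkg in seen or pkg not in wheels:
            continue  # already visited, or no wheel was downloaded for review
        seen.add(pkg)
        requires, native = inspect_wheel(wheels[pkg])
        if native:
            findings[" -> ".join(chain)] = native
        stack.extend(chain + (dep,) for dep in requires)
    return findings

# Constructed stand-ins named after the packages in this article; contents invented.
SAMPLE = {"frint": make_wheel("frint", ["skytext>=0.1"], ["frint/__init__.py"]),
          "skytext": make_wheel("skytext", (), ["skytext/_ext.abi3.so"])}

if __name__ == "__main__":
    print(native_chains(["frint"], SAMPLE))
```

For real input, fill the mapping from wheels fetched with pip download --only-binary=:all: -d wheels -r requirements.txt inside a disposable VM; that option stops pip from building source distributions, a step that can run package code.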
What Undercode Says: Deep Analysis of the ChocoPoC Campaign
The ChocoPoC operation demonstrates that attackers are no longer attempting to fool only inexperienced users. They are deliberately targeting the people responsible for discovering vulnerabilities.
This changes the traditional attacker-defender relationship.
Security researchers usually operate under the assumption that they are the hunters.
Campaigns like ChocoPoC make them the prey.
The most significant innovation is not the RAT itself.
Remote access trojans have existed for decades.
The innovation lies in hiding malware within trusted dependency chains.
Python package ecosystems remain one of the largest software supply chain attack surfaces today.
Automatic dependency resolution dramatically improves developer productivity.
Unfortunately, it also automates malware installation.
Attackers understand modern development workflows extremely well.
They know developers rarely inspect every package being installed.
Even experienced penetration testers often prioritize exploit validation over dependency auditing.
The campaign also illustrates the growing abuse of legitimate cloud infrastructure.
Cloud-hosted payloads generate far less suspicion than unknown VPS servers.
Mapbox is merely one example.
Tomorrow it could be GitHub Releases.
Or cloud object storage.
Or content delivery networks.
Behavioral detection becomes far more valuable than static signature detection.
Organizations should monitor outbound requests instead of relying solely on antivirus products.
Endpoint Detection and Response (EDR) systems should inspect Python interpreter behavior.
Package signing verification deserves greater adoption.
Private mirrors for trusted dependencies can reduce exposure.
Software Bills of Materials (SBOMs) become increasingly valuable.
Threat hunting should include unexpected package installation events.
Continuous monitoring of developer workstations deserves equal priority to production servers.
Security awareness training should specifically address supply chain attacks.
Every downloaded dependency should be considered executable code.
Zero Trust principles extend naturally into software development.
GitHub popularity should never be mistaken for legitimacy.
Repository stars do not equal safety.
Recent vulnerability hype often becomes attacker opportunity.
Open-source ecosystems remain invaluable.
But blind trust has become increasingly expensive.
The future battlefront is no longer just vulnerable software.
It is the software used to study vulnerable software.
Deep Analysis: Detection and Investigation Commands
Below are several useful commands for security researchers investigating suspicious Python packages and GitHub PoCs on Linux systems.
pip list
pip show frint
pip show skytext
pip freeze
python3 -m site
find ~/.local/lib -name "*.so"
find ~/.cache/pip -type f
grep -R setup.py .
grep -R install_requires .
grep -Ri mapbox .
grep -R requests.get .
strings suspicious.so
ldd suspicious.so
file suspicious.so
sha256sum suspicious.so
python3 -m venv sandbox
source sandbox/bin/activate
pip install --no-cache-dir -r requirements.txt
pipdeptree
netstat -tunap
ss -tunap
lsof -i
tcpdump -i any
journalctl -xe
ps aux
pstree -p
history
env
strace -f python3 exploit.py
python3 -m trace --trace exploit.py
auditctl -l
ausearch -m EXECVE
clamscan -r .
rkhunter --check
chkrootkit
curl -I suspicious-url
wget --spider suspicious-url
These commands help identify malicious dependencies, inspect package behavior, monitor network activity, and investigate persistence mechanisms during malware analysis.
✅ Researchers confirmed multiple GitHub repositories distributed weaponized PoCs that ultimately installed the ChocoPoC Remote Access Trojan through malicious Python dependencies.
✅ The
✅ Evidence indicates compromised developer accounts were likely used to publish malicious packages, although the threat actor behind the campaign has not yet been publicly identified with certainty.
Prediction
(+1) Software repositories will increasingly adopt stronger package verification, cryptographic signing, automated dependency auditing, and behavioral analysis to reduce the success rate of supply chain attacks targeting developers and security researchers.
(-1) Threat actors will continue shifting toward dependency-based malware delivery, abusing trusted cloud platforms and legitimate developer ecosystems, making future campaigns even harder to detect through conventional security tools alone.
References:
Reported By: www.bleepingcomputer.com




