Malicious PyPi packages ‘Lolip0p’ install malware that steals information

Three malicious files containing code that can steal information from developers have been uploaded by a threat actor to the PyPI repository.

The malicious programs, which were discovered by all came from the same source: a single author called ‘Lolip0p.’ They were uploaded between January 7, 2023, and December 12, 2023. They are called ‘colorslib’, ‘httpslib’, and ‘libhttps. They have all been removed from PyPI.

PyPI, the largest repository of Python packages used by software developers to get the basic building blocks for their projects is widely used.

Its popularity means that it is a target for hackers who are looking to attack developers and their projects. can be uploaded pretending to be , or mimicking renowned projects by .

PyPI does not have the ability to inspect all packages uploaded. Instead, it depends on user reports for malicious files to be found and removed. The bad packages can sometimes be downloaded hundreds of times before they are removed.

Neue campaign

Fortinet found three resources that are complete descriptions. This is in contrast to malicious PyPI uploads. It helps developers believe they are genuine resources.

Malicious package description on PyPI


The names of these packages are not meant to be a copy of other projects, but they do aim to convince that the package contains reliable and risk-free code.

The following malicious files had the following count of downloads according to PyPI’s package stat counting service “” on Sunday, January 14th.

While the download count may not seem significant, it is important to remember that these infections can be a part of an entire supply chain.

The malicious file’’ is found in all three packages. It attempts to execute PowerShell by fetching an executable from suspicious URLs, named “Oxyz.exe.” This malware is designed to steal browser information.

BleepingComputer discovered that Oxyz.exe can also be used as a Discord Nitro Generator.

VirusTotal vendors flag the second file as being malicious. Fortinet says ‘update.exe’ drops several additional files on the host, one of which (‘SearchProtocolHost.exe’), which is flagged as malicious by some AV vendors as an info-stealer.

Files ‘update.exe’ drops on the host


BleepingComputer discovered that at least one process was used to gather Discord tokens. This suggests that it is part of an information-stealing malware campaign to steal user data and authentication tokens.

All three executables in the attack have low detection rates, with a range between 4.5% to 13.5%. This allows the malicious files not only to be detected by multiple security agents, but also prevents them from being run on any victim hosts.

Detection results for ‘update.exe’ on VirusTotal


Threat actors may still be able to re-upload those packages later under another name, even though they have removed them from the PyPI.

Software developers must be careful when downloading packages to ensure safety and security. Software developers must ensure that they verify the source of the packages and review the code for any malicious or suspicious intent.