
Malicious Python Packages Target TikTok, Instagram Users


Cybersecurity experts have uncovered several malicious Python packages on the PyPI repository that were secretly verifying stolen email addresses against TikTok and Instagram APIs. These packages, disguised as legitimate tools, were used by threat actors to validate user accounts before launching broader attacks.

According to an analysis by Socket researcher Olivia Brown, three packages—checker-SaGaF, steinlurks, and sinnercore—have now been removed from PyPI. Combined, they were downloaded nearly 7,000 times, raising concerns about how widespread the impact might be. “True to its name, checker-SaGaF checks if an email is associated with a TikTok account and an Instagram account,” Brown reported.

This validation works by sending HTTP POST requests to TikTok’s password recovery API and Instagram’s login endpoints. If the response is successful, it confirms that the email is tied to an active account.

Attackers Use Email Validation to Launch Targeted Exploits

While this might seem harmless at first, the implications are serious. Brown explains that validated email lists are highly valuable to cybercriminals. Once an attacker confirms an email belongs to a real account, they can:

  • Launch phishing, spam, or credential stuffing attacks
  • Attempt password spraying
  • Dox or harass users
  • Sell verified email lists on the dark web

“Knowing which emails are tied to real accounts speeds up attacks and minimizes noise. That makes it harder for detection systems to flag unusual activity,” Brown warned.

Another package, steinlurks, used more advanced evasion techniques. It mimicked requests from the Instagram Android app and hit several private API endpoints to avoid detection. These endpoints included:

  • /api/v1/users/lookup/
  • /api/v1/accounts/send_recovery_flow_email/
  • /api/v1/web/accounts/check_email/

Meanwhile, sinnercore focused on triggering the “forgot password” process using a target’s Instagram username. It sent fake HTTP requests to the endpoint /api/v1/accounts/send_password_reset/. The tool also extracted profile data from Telegram, including user ID, name, bio, and premium status.
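A defender-side example, added here and not part of the article or of the packages it describes: detection logic that runs over egress-proxy log lines and flags any internal host issuing POST requests to the account-probing endpoints named above. The log format, host names, user agents and sample lines are assumptions constructed for this example.

```python
import re
from collections import Counter
from urllib.parse import urlparse

# Endpoints the article attributes to steinlurks and sinnercore.
SUSPECT_ENDPOINTS = {
    "/api/v1/users/lookup/",
    "/api/v1/accounts/send_recovery_flow_email/",
    "/api/v1/web/accounts/check_email/",
    "/api/v1/accounts/send_password_reset/",
}

# Constructed (hypothetical) egress-proxy line format:
#   <timestamp> <source-host> <method> <url> <status> "<user-agent>"
LOG_RE = re.compile(r'^(\S+) (\S+) (\S+) (\S+) (\d{3}) "([^"]*)"$')

# Constructed sample traffic: build-01 behaves like a host running one of the
# checkers; dev-laptop is an ordinary user with a single stray request.
SAMPLE_LOG = """\
2025-05-20T10:00:01Z build-01 POST https://i.instagram.com/api/v1/users/lookup/ 200 "Instagram 275.0 Android"
2025-05-20T10:00:02Z build-01 POST https://i.instagram.com/api/v1/users/lookup/ 200 "Instagram 275.0 Android"
2025-05-20T10:00:03Z build-01 POST https://i.instagram.com/api/v1/accounts/send_recovery_flow_email/ 200 "Instagram 275.0 Android"
2025-05-20T10:00:04Z dev-laptop GET https://www.instagram.com/ 200 "Mozilla/5.0"
2025-05-20T10:00:05Z dev-laptop POST https://www.instagram.com/api/v1/web/accounts/check_email/ 200 "Mozilla/5.0"
"""

def parse_line(line):
    """Return (src_host, method, url_path, user_agent), or None if unparsable."""
    m = LOG_RE.match(line)
    if not m:
        return None
    _ts, src, method, url, _status, ua = m.groups()
    return src, method, urlparse(url).path, ua

def suspect_posts(log_text):
    """Count POSTs per source host to the account-probing endpoints. The
    User-Agent is deliberately ignored: the article notes steinlurks mimics the
    Instagram Android app, so a convincing UA is expected, not reassuring."""
    counts = Counter()
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed and parsed[1] == "POST" and parsed[2] in SUSPECT_ENDPOINTS:
            counts[parsed[0]] += 1
    return counts

def flag_hosts(log_text, threshold=2):
    """Hosts with at least `threshold` probing POSTs. Build and developer machines
    have no reason to call these endpoints; the threshold only drops one-offs."""
    return {h: n for h, n in suspect_posts(log_text).items() if n >= threshold}
```

Run against the sample, `flag_hosts(SAMPLE_LOG)` returns `{'build-01': 3}`; lowering the threshold to 1 also surfaces the single request from dev-laptop.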

Some parts of sinnercore even provided cryptocurrency features such as Binance price tracking and currency conversion. It could also retrieve data about any PyPI package—likely to impersonate developers or craft fake project profiles.

Malicious Backdoors Found in Debugging Tools and Chatbot Plugins

In a separate finding, ReversingLabs flagged a malicious package named dbgpkg that appeared to be a debugging utility. In reality, it implanted a backdoor to enable remote code execution and data theft on compromised systems. Although the package has been removed, it had around 350 downloads before takedown.

Interestingly, dbgpkg shares the same payload as a previously discovered package, discordpydebug, identified in March 2022. Both are believed to be tied to Phoenix Hyena, a hacktivist group known for targeting Russian entities during the early stages of the Russo-Ukrainian war. Another related package, requestsdev, is suspected to be part of this campaign as well.

ReversingLabs researcher Karlo Zanki explained that the malware used advanced techniques like Python function wrapping and the Global Socket Toolkit (GSocket). These allow threat actors to maintain long-term access to infected systems without detection.

On the JavaScript front, cybersecurity researcher Kirill Boychenko discovered a malicious npm package called koishi-plugin-pinhaofa, designed to target chatbots built with the Koishi framework. Marketed as a spelling-correction tool, it instead scanned every message for eight-character hexadecimal strings—likely Git commit hashes, JWT tokens, or partial API keys.

When a match was found, it sent the entire message, including potential credentials and secrets, to a hardcoded QQ account. This technique enabled the theft of valuable data hidden in everyday chatbot interactions.

The rise in malicious Python packages and other open-source threats highlights a growing risk for developers and organizations. Attackers are no longer just targeting systems—they’re compromising the very tools developers trust. Regular audits, secure coding practices, and careful review of package dependencies are essential to defend against these threats.
