Two PyPi Malicious Package Mimic ChatGPT & Claude Steals Developers Data

Two malicious Python packages masquerading as tools for interacting with popular AI models ChatGPT and Claude were recently discovered on the Python Package Index (PyPI), the official repository for Python libraries.

These packages reportedly remained undetected for over a year, silently compromising developer environments and exfiltrating sensitive data.

As reported by a cybersecurity researcher, Leonid via X, the malicious packages were designed to exploit the growing popularity and adoption of AI tools in development workflows.

🚨 We discovered two malicious Python packages in #PyPI repository that remained undetected for over a year. These packages mimicked tools for working with popular AI language models (#ChatGPT and #Claude), silently exfiltrating data and compromising developer environments.… pic.twitter.com/cFpbkp2mok

— Leonid Bezvershenko (@bzvr_) November 20, 2024

PyPi Malicious Package

Developers, eager to integrate ChatGPT and Claude into their projects, were unknowingly installing these malicious packages, believing them to be legitimate resources for engaging with ...