The PyPI package manager for Python developers contains malicious packages, researchers at security firm ReversingLabs found, according to a Wednesday blog post. The actual packages discovered are uninteresting—four packages by a developer named ruri12, one of which is libpeshnx, a package that attempts to download a file from a C2 server, save it in a user’s home directory, and make it persist as a background process.

It’s theorized to be a development version of libpeshka, which was discovered by a researcher named Bertus, and reported by ZDNet’s Catalin Cimpnau last October. The C2 server was already offline by that point, making the whole package toothless, though for its toothlessness, not appreciably less concerning.

The maintainers of PyPI should rightly be credited with removing the packages promptly after disclosure, though this underlies a problem that package repositories like PyPI, npm, and RubyGems: The use of flat namespaces.

The idea behind a great number of these attacks is essentially typosquatting, banking on the potential that a programmer could accidentally type diango, djago, dajngo, or djanga, instead of Django, the name of a popular Python framework.

SEE: Launching a career in cybersecurity: An insider’s guide (free PDF) (TechRepublic)

It’s a problem that could be mediated in part by not using flat namespaces. Take, for example, Docker Hub: The official image for the popular self-hosted cloud platform NextCloud is… nextcloud. There’s also a very popular unofficial container maintained by (which, to be clear, is a trustworthy organization) which is linuxserver/nextcloud. Both are good options, though one or the other may be easier to get started with, or easier to configure, depending on your needs. The duplication is not an issue; they can coexist normally.

Docker Hub receives slightly more editorial oversight than package repositories for programming languages—official images are marked as such, and these are inherently trustworthy. Similarly, PPA in Ubuntu and COPR in Fedora are separated by prefixing the name of the owner of those repositories, differentiating them from the vetted and tested packages in the distribution-default repository, packaged by Canonical or Red Hat employees, or trusted community members, as the case may be.

A compelling case could be made that attempting editorial oversight in the same style of Docker package repositories isn’t feasible for things like PyPI and npm, as that would slow down development. Certainly, Docker packages are more akin to finished goods, while packages in PyPI are raw (or processed) materials that can be used by programmers to build something else.

Moving away from flat namespaces would be a significant undertaking, and would only be one step toward improving the security of these repositories. It would also have the added benefit of heading off trademark disputes, such as the one that prompted the infamous left-pad incident that resulted from the forced reassignment of a package name.

For more, check out “How to scan your Docker installment with docker-bench-test” and “JavaScript programming language: Final chance to drop early Web Components API before Chrome ditches support” on TechRepublic.

Image: iStockphoto/DenisKot