OceanLotus Exploits PyPI to Distribute ZiChatBot Malware via Zulip APIs
Severity: High (Score: 69.5)
Sources: Securelist, gbhackers.com, Thehackernews, www.kaspersky.com
Summary
Beginning in July 2025, malicious wheel packages attributed to OceanLotus were uploaded to PyPI. The packages impersonate popular libraries and install ZiChatBot, a bot with no dedicated C2 server: it sends and receives commands through the API of a Zulip chat organization (helper.zulipchat.com), so its traffic looks like ordinary HTTPS to a legitimate SaaS domain (T1071.001). The malicious package acts as a dropper for the ZiChatBot payload on both Windows and Linux hosts. This is a software supply chain attack (T1195): the malicious code is hidden in packages that look like legitimate dependencies. Kaspersky's Securelist identified and reported the packages, which have since been removed from PyPI. Removal from the index does not clean hosts that already installed a look-alike package, so any environment that pulled one of them before removal should be treated as compromised and checked against the indicators below.
Key Points
- Malicious PyPI packages uploaded since July 2025 are linked to OceanLotus.
- ZiChatBot uses the Zulip API instead of a traditional C2 server.
- Both Windows and Linux systems are targeted, indicating a broad impact.
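The summary describes the delivery vehicle (a look-alike wheel on PyPI that drops a native payload referencing the Zulip API) without showing what a practitioner would actually check. The script below is an added example written for this page, not code from the Securelist report or from any of the packages it describes. It opens a wheel as the zip it is, hashes every member against the MD5 list from the Key Entities section, flags the backward.so / terminate.so names (read here as bundled file names, an assumption), flags native binaries by suffix and by ELF/PE magic, and greps for Zulip API strings. The wheel it triages is constructed in a temp directory; the package name examplelib and its contents are placeholders, not a package from the campaign.

```python
"""Static triage of a Python wheel for ZiChatBot-style indicators (added example)."""
import hashlib
import os
import re
import tempfile
import zipfile

# Indicators copied from the Key Entities list on this page.
IOC_MD5 = {
    "1995682d600e329b7833003a01609252",
    "22538214a3c917ff3b13a9e2035ca521",
    "38b75af6cbdb60127decd59140d10640",
    "454b85dc32dc8023cd2be04e4501f16a",
    "5598baa59c716590d8841c6312d8349e",
}
# Assumption: backward.so / terminate.so are file names bundled in the wheel.
IOC_FILENAMES = {"backward.so", "terminate.so"}
# Zulip's REST API lives under /api/v1/; matching the path as well as the
# domain catches any zulipchat.com org, not only helper.zulipchat.com.
ZULIP_RE = re.compile(rb"zulipchat\.com|/api/v1/(messages|events|register)")
NATIVE_SUFFIXES = (".so", ".pyd", ".dll", ".dylib")
ELF_MAGIC, PE_MAGIC = b"\x7fELF", b"MZ"


def triage_wheel(path):
    """Inspect one .whl (a zip) and return per-category lists of member names."""
    findings = {"ioc_hash": [], "ioc_name": [], "native": [], "zulip": []}
    with zipfile.ZipFile(path) as whl:
        for info in whl.infolist():
            data = whl.read(info)
            name = info.filename
            base = os.path.basename(name)
            if hashlib.md5(data).hexdigest() in IOC_MD5:
                findings["ioc_hash"].append(name)
            if base in IOC_FILENAMES:
                findings["ioc_name"].append(name)
            if base.endswith(NATIVE_SUFFIXES) or data[:4] == ELF_MAGIC or data[:2] == PE_MAGIC:
                findings["native"].append(name)
            if ZULIP_RE.search(data):
                findings["zulip"].append(name)
    return findings


def verdict(findings):
    """Native code alone is normal (numpy ships .so files); an IOC hit, or Zulip
    API strings inside a library that has no reason to chat, is not."""
    if findings["ioc_hash"] or findings["ioc_name"]:
        return "ioc-match"
    if findings["zulip"]:
        return "suspicious"
    if findings["native"]:
        return "native-code"
    return "clean"


def build_sample_wheel(directory, malicious):
    """Write a constructed wheel for a dry run; no real sample is embedded.
    'examplelib' is a placeholder name, not a package from the report."""
    path = os.path.join(directory, "examplelib-1.0.0-py3-none-any.whl")
    init = b"from .core import run\n"
    if malicious:
        # Inert string only: the point is the API reference, not working C2 code.
        init += b'BOT_API = "https://helper.zulipchat.com/api/v1/messages"\n'
    with zipfile.ZipFile(path, "w") as whl:
        whl.writestr("examplelib/__init__.py", init)
        whl.writestr("examplelib/core.py", b"def run():\n    return 42\n")
        if malicious:
            whl.writestr("examplelib/terminate.so", ELF_MAGIC + b"\x00" * 60)
        whl.writestr("examplelib-1.0.0.dist-info/METADATA",
                     b"Metadata-Version: 2.1\nName: examplelib\n")
    return path


def run_demo():
    """Triage a look-alike wheel and a clean one; returns (bad, good) findings."""
    with tempfile.TemporaryDirectory() as tmp:
        bad = triage_wheel(build_sample_wheel(tmp, malicious=True))
        good = triage_wheel(build_sample_wheel(tmp, malicious=False))
    return bad, good


if __name__ == "__main__":
    for label, f in zip(("look-alike", "clean"), run_demo()):
        print(f"{label}: {verdict(f)} {f}")
```

To sweep a real environment, point triage_wheel at every .whl under the pip cache (pip cache dir) and at any wheels vendored into build images; for packages already installed, hash the files under site-packages instead, since the wheel itself is usually gone after install.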
Key Entities
- OceanLotus (apt_group)
- Malware (attack_type)
- Phishing (attack_type)
- Supply Chain Attack (attack_type)
- backward.so (domain, as auto-tagged; the page gives no hostname context, and with a Linux payload in play this reads more plausibly as the file name of a dropped shared object: check file names as well as DNS logs)
- helper.zulipchat.com (domain: the Zulip Cloud organization the bot talks to)
- kaspersky.com (domain: reporting vendor, not an indicator of compromise)
- terminate.so (domain, as auto-tagged; same caveat as backward.so)
- ZiChatBot (malware)
- 1995682d600e329b7833003a01609252 (md5)
- 22538214a3c917ff3b13a9e2035ca521 (md5)
- 38b75af6cbdb60127decd59140d10640 (md5)
- 454b85dc32dc8023cd2be04e4501f16a (md5)
- 5598baa59c716590d8841c6312d8349e (md5)
- T1053.005 - Scheduled Task (mitre_attack)
- T1055 - Process Injection (mitre_attack)
- T1071.001 - Web Protocols (mitre_attack)
- T1195 - Supply Chain Compromise (mitre_attack)
- T1547.001 - Registry Run Keys / Startup Folder (mitre_attack)
- Linux (platform)
- Windows (platform)
- Zulip (tool)
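The entities above give the network side of the campaign: a specific Zulip Cloud organization and T1071.001 (C2 over web protocols). The hunt below is an added example for this page, not detection content from any of the cited sources. It runs over constructed proxy log lines (not real telemetry) in a simple "epoch client method url status user-agent" layout, flags any request to helper.zulipchat.com outright, and separately flags requests to other zulipchat.com organizations that hit the /api/v1/ REST base path from a non-browser client, since Zulip's own web client talks to /json/ paths with a browser user agent while bots and scripts use /api/v1/. The organization names corp-example and ops-example are placeholders, and the allowlist parameter is this example's own design.

```python
"""Hunt proxy logs for ZiChatBot-style C2 over the Zulip REST API (added example)."""
import re
from urllib.parse import urlsplit

IOC_ZULIP_ORG = "helper.zulipchat.com"   # Zulip org from the Key Entities list
ZULIP_API_PREFIX = "/api/v1/"            # Zulip REST API base path used by bots/scripts
BROWSER_UA = re.compile(r"^Mozilla/")    # the web client is browser traffic, not a bot

# Constructed proxy log (not real telemetry): epoch client method url status user-agent
SAMPLE_LOG = """\
1733000001 10.0.1.15 GET https://helper.zulipchat.com/api/v1/messages?anchor=newest&num_before=1 200 python-requests/2.31.0
1733000002 10.0.1.15 POST https://helper.zulipchat.com/api/v1/messages 200 python-requests/2.31.0
1733000003 10.0.1.22 GET https://corp-example.zulipchat.com/ 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64)
1733000004 10.0.1.22 GET https://corp-example.zulipchat.com/json/messages 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64)
1733000005 10.0.1.15 GET https://helper.zulipchat.com/api/v1/events?queue_id=q1&last_event_id=-1 200 python-requests/2.31.0
1733000006 10.0.1.31 GET https://ops-example.zulipchat.com/api/v1/messages?anchor=newest 200 python-requests/2.32.3
1733000007 10.0.1.40 GET https://pypi.org/simple/examplelib/ 200 pip/24.0
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d+) (?P<client>\S+) (?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3}) (?P<ua>.*)$"
)


def parse_line(line):
    """Parse one log line into a dict with host and path split out; None if malformed."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    u = urlsplit(rec["url"])
    rec["host"], rec["path"] = (u.hostname or "").lower(), u.path
    return rec


def classify(rec, allowed_orgs=frozenset()):
    """Return a reason string if the request looks like Zulip-as-C2, else None."""
    host = rec["host"]
    if host == IOC_ZULIP_ORG:
        return "known ZiChatBot Zulip org"
    if (host.endswith(".zulipchat.com") and host not in allowed_orgs
            and rec["path"].startswith(ZULIP_API_PREFIX)
            and not BROWSER_UA.match(rec["ua"])):
        return "Zulip REST API from scripted client"
    return None


def hunt(log_text, allowed_orgs=frozenset()):
    """Group hits by client IP: {client: [(reason, method, url), ...]}."""
    hits = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        reason = classify(rec, allowed_orgs)
        if reason:
            hits.setdefault(rec["client"], []).append((reason, rec["method"], rec["url"]))
    return hits


if __name__ == "__main__":
    sanctioned = frozenset({"ops-example.zulipchat.com"})
    for client, events in hunt(SAMPLE_LOG, allowed_orgs=sanctioned).items():
        print(client)
        for reason, method, url in events:
            print(f"  {reason}: {method} {url}")
```

The allowlist matters in practice: an organization that runs its own Zulip integrations will see legitimate scripted /api/v1/ traffic to its own org, so the second rule should be scoped to orgs the business does not use, while the helper.zulipchat.com match stands on its own. Because the traffic is TLS to a legitimate SaaS domain, this hunt needs proxy or DNS logs rather than firewall IP blocks, which would also cut off sanctioned Zulip use.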