
A malicious Python package named discordpydebug has been discovered on the Python Package Index (PyPI), masquerading as a debugging tool for Discord bot developers. The package, active since March 2022, contains a remote access trojan (RAT) that had been downloaded over 11,500 times before its removal in May 2025 [1]. The malware enables attackers to execute arbitrary commands, steal sensitive data, and maintain persistent access to infected systems.
Malware Functionality and Impact
The malicious package discordpydebug communicates with a command-and-control (C2) server at backstabprotection.jamesx123.repl[.]co, allowing attackers to remotely execute shell commands via subprocess. The malware can read and write files, making it particularly dangerous for developers who store authentication tokens or configuration files in their projects [2]. Unlike more sophisticated RATs, this malware does not include built-in persistence mechanisms, but its simplicity and targeted nature make it effective.
The primary victims are Discord bot developers, who may inadvertently install the package while searching for debugging tools. Once installed, the malware can exfiltrate sensitive information such as Discord tokens, system credentials, and project files. The attackers use HTTP polling to bypass firewall restrictions, making detection more challenging for security teams [3].
Discovery and Mitigation
The malicious package was first uploaded to PyPI on March 21, 2022, and remained active until its discovery by the Socket Research Team in May 2025 [1]. Security researchers recommend that developers verify package legitimacy by checking maintainer profiles, download counts, and documentation before installation. Tools like Socket.dev can help detect suspicious dependencies in Python projects.
Organizations should monitor outbound connections to unusual domains, particularly those hosted on repl.co, and restrict pip install permissions in CI/CD pipelines to prevent unauthorized package installations [4]. Additionally, security teams should review system logs for connections to the known C2 server and scan for the presence of the malicious package in development environments.
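The two checks recommended above (look for the package in an environment, and look for connections to the C2 host or other repl.co hosts in logs) can be scripted. The following is an added example written for this article, not code from the Socket report or any of the cited sources; the log lines are constructed samples, and the `.repl.co` match is deliberately broad and should be tuned to your environment.

```python
import re
from importlib.metadata import distributions

# Package name and C2 host as reported in the article (defanging brackets removed).
MALICIOUS_PACKAGES = {"discordpydebug"}
KNOWN_C2_HOST = "backstabprotection.jamesx123.repl.co"
# Any host under repl.co is treated as "unusual", per the article's guidance.
REPL_CO_RE = re.compile(r"\b([a-z0-9.-]+\.repl\.co)\b", re.IGNORECASE)


def find_malicious_packages(installed_names):
    """Return installed distribution names that match the known-bad list.
    PyPI treats '-', '_', '.' and case as equivalent, so compare normalized forms."""
    def norm(name):
        return re.sub(r"[-_.]+", "-", name).lower()
    bad = {norm(n) for n in MALICIOUS_PACKAGES}
    return sorted({n for n in installed_names if norm(n) in bad})


def installed_distribution_names():
    """Names of the distributions visible to this interpreter (one environment)."""
    return [d.metadata["Name"] for d in distributions() if d.metadata["Name"]]


def scan_log_lines(lines):
    """Classify proxy/DNS log lines: 'c2' for the known host, 'repl.co' for any other repl.co host."""
    hits = []
    for line in lines:
        m = REPL_CO_RE.search(line)
        if not m:
            continue
        host = m.group(1).lower()
        hits.append((host, "c2" if host == KNOWN_C2_HOST else "repl.co"))
    return hits


# Constructed sample log lines (not taken from the article) to exercise the scanner.
SAMPLE_LOG = [
    "2025-05-01T10:00:01Z proxy GET http://backstabprotection.jamesx123.repl.co/ 200",
    "2025-05-01T10:00:05Z dns query A files.pythonhosted.org",
    "2025-05-01T10:00:09Z dns query A someproject.username.repl.co",
]

if __name__ == "__main__":
    for host, kind in scan_log_lines(SAMPLE_LOG):
        print(f"{kind:8} {host}")
    print("malicious packages installed:", find_malicious_packages(installed_distribution_names()))
```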
Broader Context of Supply Chain Attacks
This incident is part of a growing trend of supply chain attacks targeting open-source package repositories. Similar campaigns have been observed in npm (JavaScript) and Go modules, where attackers upload malicious packages disguised as legitimate libraries [5]. The PyPI ecosystem has been a frequent target due to its popularity among developers and relatively lax package submission requirements compared to other platforms.
Historical precedents include the pycord-self package, which stole Discord tokens in January 2025, and poweRAT, a combined stealer/RAT discovered in PyPI packages in 2023 [6]. These attacks highlight the need for improved vetting processes in open-source repositories and increased awareness among developers about the risks of third-party dependencies.
Conclusion
The discovery of discordpydebug underscores the persistent threat of supply chain attacks in open-source ecosystems. Developers and organizations must remain vigilant when installing third-party packages and implement security measures to detect and prevent such threats. As attackers continue to refine their techniques, collaboration between security researchers, package maintainers, and the broader developer community will be essential to mitigate these risks.
References
- [1] “Malicious PyPI Package Targets Discord Developers with RAT,” Socket Research Team, May 4, 2025.
- [2] “Researchers Uncover Malware in Fake Discord Dev Tool on PyPI,” The Hacker News, May 6, 2025.
- [3] “Malicious PyPI Package Hides RAT Malware, Targets Discord Devs Since 2022,” BleepingComputer, May 8, 2025.
- [4] “RAT-Laced PyPI Package Sets Sights on Discord Developers,” SC Media, May 7, 2025.
- [5] “A Deep Dive into poweRAT: A Newly Discovered Stealer/RAT Combo Polluting PyPI,” Phylum.io, 2023.
- [6] “Malicious PyPI Package Steals Discord Auth Tokens from Devs,” BleepingComputer, Jan. 2025.