Malicious PyPI package sympy-dev impersonates SymPy to install XMRig miner

A malicious package on the Python Package Index (PyPI) named sympy-dev impersonates the SymPy library and has been downloaded more than 1,100 times since January 17 2026, delivering a cryptominer to Linux hosts.

KEY FACTS

  • Incident: A PyPI package impersonates a popular symbolic math library
  • Package: sympy-dev mimics the SymPy project description
  • Downloads: More than 1,100 downloads since January 17 2026
  • Payload: Loader fetches ELF payloads that run XMRig CPU mining

A technical analysis by Socket said the package contains backdoored functions that retrieve a remote JSON configuration, then download an ELF payload and execute it directly from memory using the Linux memfd_create system call and the /proc/self/fd interface, so the payload never touches the filesystem.

The altered functions are designed to trigger only when specific polynomial routines are invoked, so the malicious activity stays hidden during ordinary use of the library. The report describes the downloader fetching payloads from the IP address 63.250.56.54 and launching the binaries without writing them to disk.

The second stage comprises two Linux ELF binaries that use an XMRig-compatible configuration to perform CPU mining while disabling the GPU backends. The configurations point miner traffic to Stratum-over-TLS endpoints on port 3333 hosted at the same actor-controlled IP addresses.
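Two of the behaviours above leave traces a defender can check for on a Linux host even though nothing is written to disk: a process launched through memfd_create shows up in /proc/<pid>/exe as a memfd-backed, deleted file, and the miner's Stratum session appears in /proc/net/tcp. The following triage script is an added example, not Socket's tooling or the package's code. Only the IP 63.250.56.54 and port 3333 come from the report; the sample /proc lines and the memfd name are constructed for the demonstration.

```python
"""Triage a Linux host for memfd-backed processes and connections to the
reported miner endpoint.  Added example; not code from the report."""
import os
from typing import Iterable, List, Optional, Tuple

# Indicators taken from the report: payload source / pool address and the
# Stratum-over-TLS port used by the miner configuration.
REPORTED_IP = "63.250.56.54"
REPORTED_PORT = 3333
TCP_ESTABLISHED = 0x01  # state code used in /proc/net/tcp


def is_memfd_exe(exe_target: str) -> bool:
    """True when readlink(/proc/<pid>/exe) points at an anonymous memfd.
    The kernel renders these as '/memfd:<name> (deleted)'; a binary that was
    simply upgraded on disk shows a real path plus ' (deleted)', so only the
    memfd prefix is treated as suspicious here."""
    return exe_target.startswith("/memfd:") and exe_target.endswith("(deleted)")


def _hex_addr(token: str) -> Tuple[str, int]:
    """Decode 'AABBCCDD:PPPP' from /proc/net/tcp.  The IPv4 address is
    printed in host byte order, so on little-endian machines the octets
    appear reversed."""
    ip_hex, port_hex = token.split(":")
    octets = [str(int(ip_hex[i:i + 2], 16)) for i in (6, 4, 2, 0)]
    return ".".join(octets), int(port_hex, 16)


def parse_proc_net_tcp_line(line: str) -> Optional[Tuple[str, int, str, int, int]]:
    """Return (local_ip, local_port, remote_ip, remote_port, state) for a
    data line of /proc/net/tcp, or None for the header line."""
    parts = line.split()
    if len(parts) < 4 or not parts[0].endswith(":"):
        return None
    lip, lport = _hex_addr(parts[1])
    rip, rport = _hex_addr(parts[2])
    return lip, lport, rip, rport, int(parts[3], 16)


def connections_to(lines: Iterable[str], ip: str = REPORTED_IP,
                   port: int = REPORTED_PORT) -> List[Tuple[str, int]]:
    """Local (ip, port) pairs with an ESTABLISHED session to ip:port."""
    hits = []
    for line in lines:
        parsed = parse_proc_net_tcp_line(line)
        if parsed is None:
            continue
        lip, lport, rip, rport, state = parsed
        if rip == ip and rport == port and state == TCP_ESTABLISHED:
            hits.append((lip, lport))
    return hits


def scan_live_host() -> Tuple[List[Tuple[int, str]], List[Tuple[str, int]]]:
    """Walk /proc on the current host (Linux only, root sees all processes)."""
    memfd_procs = []
    for pid in os.listdir("/proc"):
        if not pid.isdigit():
            continue
        try:
            target = os.readlink(f"/proc/{pid}/exe")
        except OSError:  # kernel thread, process exited, or no permission
            continue
        if is_memfd_exe(target):
            memfd_procs.append((int(pid), target))
    with open("/proc/net/tcp") as fh:
        conns = connections_to(fh)
    return memfd_procs, conns


# Constructed sample: a local listener plus one session to 63.250.56.54:3333
# (3638FA3F:0D05 is that address and port in /proc/net/tcp encoding).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12345 1 0000000000000000 100 0 0 10 0
   1: 0A00020F:B2D6 3638FA3F:0D05 01 00000000:00000000 00:00000000 00000000  1000        0 67890 1 0000000000000000 20 4 30 10 -1
""".splitlines()


if __name__ == "__main__":
    print("sample hits:", connections_to(SAMPLE_PROC_NET_TCP))
    if os.path.isdir("/proc/net"):
        procs, conns = scan_live_host()
        print("memfd-backed processes:", procs)
        print("sessions to reported endpoint:", conns)
```

The memfd check is the durable part: it catches any loader that uses this execution style, not just this campaign, while the address match only covers the infrastructure named in the report and should be fed from a current indicator list rather than hard-coded.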

The package replicates SymPy’s project description to appear legitimate. The download count does not equate to infections, but it suggests that some developers may have installed the package. The package remained available on PyPI at the time of writing.

The report notes that the technique of executing payloads from memory has been used in earlier cryptojacking campaigns such as FritzFrog and Mimo. It also warns that the Python implant can act as a general-purpose loader that fetches and runs arbitrary second-stage code under the privileges of the Python process.

WHY IT MATTERS

Package impersonation on public repositories can deliver covert loaders and miners that run with application privileges while leaving minimal on-disk traces. That behavior raises the risk for development and production systems that install dependencies without verifying what they are pulling in.
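One cheap verification step that would have caught a name like sympy-dev is a pre-install check of requirements against the projects a team actually trusts. The script below is an added example, not part of the report or of any project's tooling: it normalises names the way PyPI does (PEP 503), then flags any requirement that is a trusted name with a bolt-on suffix or within one edit of a trusted name. The suffix list, the trusted set and the sample requirements file are constructed for the demonstration.

```python
"""Flag look-alike dependency names before installation.
Added example; not the report's or any project's code."""
import re
from typing import Dict, Optional, Set, Tuple

# Assumed list of suffixes attackers bolt on to a real project name.
LOOKALIKE_SUFFIXES = ("dev", "utils", "tools", "lib", "py", "python", "new", "latest")

# Leading project name of a requirement line (stops at version specifiers).
REQ_NAME = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")


def normalize(name: str) -> str:
    """PEP 503 normalisation: case-fold and collapse runs of - _ . to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def levenshtein(a: str, b: str) -> int:
    """Plain edit distance (insert/delete/substitute), single-row DP."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(name: str, trusted: Set[str]) -> Optional[Tuple[str, str]]:
    """Return (trusted_name, reason) when `name` resembles a trusted package
    without being one; None when it is trusted or unrelated."""
    n = normalize(name)
    trusted_n = {normalize(t) for t in trusted}
    if n in trusted_n:
        return None
    for t in trusted_n:
        # sympy-dev, numpy-utils, requests-python ...
        for suffix in LOOKALIKE_SUFFIXES:
            if n in (f"{t}-{suffix}", f"{t}{suffix}"):
                return t, f"trusted name plus '{suffix}' suffix"
        # One-character typos; short names are skipped to limit false positives.
        if len(t) >= 5 and levenshtein(n, t) <= 1:
            return t, "edit distance 1 from trusted name"
    return None


def check_requirements(text: str, trusted: Set[str]) -> Dict[str, Tuple[str, str]]:
    """Map each flagged requirement name to (trusted_name, reason)."""
    findings: Dict[str, Tuple[str, str]] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):
            continue  # blank, comment, or a pip option such as -r / --index-url
        m = REQ_NAME.match(line)
        if m:
            hit = lookalike_of(m.group(1), trusted)
            if hit:
                findings[m.group(1)] = hit
    return findings


# Constructed inputs: a small trusted set and a requirements file carrying
# the real impersonation name from the report plus a typo variant.
TRUSTED = {"sympy", "numpy", "requests"}
SAMPLE_REQUIREMENTS = """\
# constructed requirements file
numpy==1.26.4
sympy-dev>=1.0      # impersonates sympy
requets
"""


if __name__ == "__main__":
    for pkg, (trusted_name, reason) in check_requirements(SAMPLE_REQUIREMENTS, TRUSTED).items():
        print(f"{pkg}: looks like {trusted_name} ({reason})")
```

Findings are prompts for a human, not verdicts: plenty of legitimate projects differ from a popular one by a suffix, so the script belongs in a pull-request check that asks the author to justify the dependency, alongside pinned versions and hash checking for the packages that are approved.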