The Python Package Index (PyPI) has banned new account registrations that use inbox.ru email addresses after a spam campaign that uploaded more than 1,500 fake projects over the course of a month.
The campaign, which began on June 9, 2025, used more than 250 user accounts to flood the repository with empty packages whose names were chosen to cause package-name confusion.
It was methodical, large-scale repository abuse: the attackers first set up accounts that looked legitimate, complete with two-factor authentication and API tokens, and only then began uploading.
The fake projects contained no working code, but their names were chosen so that a user who installs a package by a guessed or suggested name could receive the attacker's project instead of the one they meant. Registering package names that AI coding assistants tend to hallucinate, so that someone following the assistant's advice installs the attacker's package, is known as "slopsquatting."
This approach differs from traditional malware distribution, instead focusing on creating confusion and potentially preparing infrastructure for future attacks.
PyPI administrators identified the activity on July 8, 2025, after a user reported that an AI language model (Sonnet 4) had recommended installing a package that did not exist.
This discovery prompted immediate investigation, revealing the full scope of the coordinated campaign that had been operating undetected for nearly a month.
Attack Methodology and Timeline Analysis
The attackers worked in phases, starting with careful account setup and ending with upload volumes in the hundreds per day.
The campaign began on June 9 with the creation of a single, fully verified account, including two-factor authentication.
The campaign then escalated rapidly, with 46 accounts created within three hours on June 11, followed by 207 accounts established in just four hours on June 24.
The upload phase commenced on June 26 with nine initial projects, building to a crescendo on June 30 when 740 fake packages were uploaded in a single day.
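The registration pattern described above (46 accounts in three hours, then 207 in four, all from one email domain) was only noticed after a user report. The following added example is not PyPI's code and does not claim to be how PyPI detects abuse; it shows the sliding-window check a registry operator could run over account-signup records to surface exactly that pattern per email domain. The signup records are constructed to mirror the shape of the timeline above, and the `burst_domains` function, its window and its threshold are this example's own choices.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def _constructed_signups():
    """Constructed sample signup records: (UTC timestamp, email address).

    Not real PyPI data; only the shape mimics the campaign described above:
    dozens of accounts from one domain inside a few hours, against a steady
    trickle from a large provider and a few one-off domains.
    """
    base = datetime(2025, 6, 11, 10, 0)
    rows = []
    # 46 accounts from one domain within three hours (the June 11 pattern).
    for i in range(46):
        rows.append((base + timedelta(minutes=3 * i), f"user{i}@inbox.ru"))
    # 40 accounts from a large provider, evenly spread over a full day.
    for i in range(40):
        rows.append((base + timedelta(minutes=36 * i), f"person{i}@gmail.com"))
    # Single signups from assorted domains.
    for i, domain in enumerate(["example.org", "uni.example", "corp.example"]):
        rows.append((base + timedelta(hours=i), f"someone@{domain}"))
    return rows


SAMPLE_SIGNUPS = _constructed_signups()


def email_domain(address):
    """Return the lower-cased domain part of an email address."""
    return address.rpartition("@")[2].lower()


def burst_domains(signups, window_hours=3.0, threshold=20):
    """Flag email domains whose signups cluster in time.

    Returns {domain: peak}, where peak is the largest number of signups from
    that domain falling inside any sliding window of `window_hours`, for the
    domains whose peak reaches `threshold`. Records may arrive in any order.
    """
    window = timedelta(hours=window_hours)
    by_domain = defaultdict(list)
    for ts, address in signups:
        by_domain[email_domain(address)].append(ts)

    flagged = {}
    for domain, times in by_domain.items():
        times.sort()
        recent = deque()  # timestamps inside the current window
        peak = 0
        for t in times:
            recent.append(t)
            # Drop everything older than the window relative to this signup.
            while t - recent[0] > window:
                recent.popleft()
            peak = max(peak, len(recent))
        if peak >= threshold:
            flagged[domain] = peak
    return flagged


if __name__ == "__main__":
    for domain, peak in sorted(burst_domains(SAMPLE_SIGNUPS).items()):
        print(f"{domain}: {peak} signups inside one 3-hour window")
```

A steady high-volume provider such as a large webmail service never trips the check at a sane threshold because its signups are spread out, which is why the window matters more than the raw count per domain; the 207-accounts-in-four-hours day would dwarf the sample here.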
The project names targeted command-line entry points: the command a package installs (its console script) does not have to match the PyPI project name, so anyone who runs pip install with the command name instead of the project name, or who follows a tool's suggestion to do so, can be handed whatever unrelated project holds that name on the index.
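To make that entry-point confusion concrete, the following is an added example, not code from PyPI or from the tools it names: it parses the console_scripts section of the entry_points.txt metadata that installed distributions ship, builds a command-to-distribution index, and warns when a name someone is about to pip install is actually a command provided by a differently named project. The entry_points.txt contents are constructed for the example (modelled on well-known tools whose command differs from the project name, but not copied from them), and the function names are the example's own.

```python
import configparser
import re
from importlib import metadata

# Constructed entry_points.txt contents for three hypothetical installed
# distributions. Illustrative only; not copied from the named projects.
CONSTRUCTED_DISTS = {
    "awscli": "[console_scripts]\naws = awscli.clidriver:main\n",
    "httpie": "[console_scripts]\nhttp = httpie.__main__:main\nhttps = httpie.__main__:main\n",
    "black": "[console_scripts]\nblack = black:patched_main\nblackd = blackd:patched_main\n",
}


def normalize(name):
    """PEP 503 project-name normalisation, as pip and PyPI apply it."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_console_scripts(entry_points_txt):
    """Return {command: 'module:callable'} from the [console_scripts] section."""
    # entry_points.txt is INI-like; only '=' separates key and value, since the
    # value itself contains ':' (module:callable).
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    cp.optionxform = str  # keep the command name's case
    cp.read_string(entry_points_txt)
    if not cp.has_section("console_scripts"):
        return {}
    return dict(cp.items("console_scripts"))


def command_index(dists):
    """Map each console-script command to the set of distributions providing it."""
    index = {}
    for dist_name, txt in dists.items():
        for command in parse_console_scripts(txt):
            index.setdefault(command, set()).add(normalize(dist_name))
    return index


def installed_dists():
    """Read the same data from the live environment (same shape as CONSTRUCTED_DISTS)."""
    found = {}
    for dist in metadata.distributions():
        txt = dist.read_text("entry_points.txt")
        if txt:
            found[dist.metadata["Name"]] = txt
    return found


def check_install_name(requested, index):
    """If `requested` is a command name rather than a project name, return the
    sorted distributions that really provide that command; otherwise None.

    `pip install aws` would not install awscli: whichever project owns the
    name `aws` on the index is what gets installed, which is the confusion
    the campaign above relied on.
    """
    providers = index.get(requested)
    if not providers or normalize(requested) in providers:
        return None
    return sorted(providers)


if __name__ == "__main__":
    index = command_index(CONSTRUCTED_DISTS)
    for name in ["aws", "http", "black", "requests"]:
        owners = check_install_name(name, index)
        if owners:
            print(f"'{name}' is a command from {owners}; did you mean pip install {owners[0]}?")
        else:
            print(f"'{name}': no console-script collision in this environment")
```

The same index can be built from a real environment by passing `installed_dists()` to `command_index`. The check only knows about commands already installed locally, so it can catch "I typed the command name instead of the project name" but cannot tell whether an unfamiliar name exists on PyPI at all; that gap, a name nobody has registered yet, is precisely what slopsquatting fills.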
PyPI administrators responded swiftly upon discovery, removing all 1,525 malicious projects, disabling associated accounts, and implementing domain-level restrictions on inbox.ru registrations.
The repository maintainers emphasized that while this action was necessary for security, they remain open to reversing the decision if the email provider demonstrates improved abuse prevention measures.