Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown

Oct 02, 2025 | Ravie Lakshmanan | Python / Malware

Cybersecurity experts have identified a harmful package on the Python Package Index (PyPI) repository that purports to provide a SOCKS5 proxy service but also includes a covert backdoor-like feature to deploy extra payloads on Windows systems.

The deceptive package, known as soopsocks, garnered a total of 2,653 downloads before it was removed. It was initially uploaded by a user named “soodalpie” on September 26, 2025, the same day the account was created.

“Despite offering this functionality, it behaves as a backdoor proxy server targeting Windows systems, utilizing automated installation methods through VBScript or an executable version,” explained JFrog in its analysis.

The executable file (“_AUTORUN.EXE”) is a compiled Go binary that not only contains a SOCKS5 implementation as advertised but is also programmed to execute PowerShell scripts, configure firewall rules, and relaunch itself with elevated privileges. It also conducts basic system and network reconnaissance, such as checking Internet Explorer security settings and the Windows installation date, and sends the collected data to a hardcoded Discord webhook.

The Visual Basic Script (“_AUTORUN.VBS”) launched by the Python package in versions 0.2.5 and 0.2.6 can also run a PowerShell script, which downloads a ZIP file containing the legitimate Python binary from an external domain (“install.soop[.]space:6969”) and generates a batch script to install the package using the “pip install” command.

The PowerShell script then executes the batch script, triggering the Python package to run, elevate itself to run with admin privileges (if not already), configure firewall rules to allow UDP and TCP communication via port 1080, install as a service, communicate with a Discord webhook, and establish persistence on the host through a scheduled task to ensure automatic startup upon system reboot.
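As an added example (not from the article or from JFrog's analysis), the following Python script performs the static triage a defender could run on a downloaded wheel or sdist before installing it: it flags the soopsocks package name and the 0.2.5/0.2.6 versions that launch the VBScript loader, and any bundled _AUTORUN.VBS, _AUTORUN.EXE or similar Windows loader file. The file-name regex, helper names and the constructed sample wheel are assumptions for illustration.

```python
import re
import tarfile
import tempfile
import zipfile
from pathlib import Path

# Package name the article reports as malicious; 0.2.5 and 0.2.6 are the
# versions that launch _AUTORUN.VBS at install time.
KNOWN_BAD = {"soopsocks": {"0.2.5", "0.2.6"}}
# File names quoted in the article, plus Windows loader types that a
# pure-Python SOCKS5 library has no reason to ship.
NAMED_IOCS = {"_autorun.vbs", "_autorun.exe"}
LOADER_SUFFIXES = (".vbs", ".exe", ".bat", ".ps1")
# name-version prefix shared by wheel and sdist file names (assumed pattern)
DIST_RE = re.compile(r"^(?P<name>[A-Za-z0-9_.\-]+?)-(?P<ver>\d+(?:\.\d+)*)")


def list_members(path: str) -> list[str]:
    """Member paths of a wheel (zip) or an sdist (tar.gz)."""
    if path.endswith(".whl"):
        with zipfile.ZipFile(path) as zf:
            return zf.namelist()
    with tarfile.open(path) as tf:
        return tf.getnames()


def scan_artifact(path: str) -> list[str]:
    """Return human-readable findings; an empty list means nothing matched."""
    findings = []
    m = DIST_RE.match(Path(path).name)
    if m:
        name = m["name"].lower().replace("_", "-")  # normalise like pip does
        ver = m["ver"]
        if name in KNOWN_BAD:
            kind = "VBS loader version" if ver in KNOWN_BAD[name] else "known-bad package"
            findings.append(f"{kind}: {name}=={ver}")
    for member in list_members(path):
        base = Path(member).name.lower()
        if base in NAMED_IOCS:
            findings.append(f"named IOC bundled: {member}")
        elif base.endswith(LOADER_SUFFIXES):
            findings.append(f"Windows loader bundled: {member}")
    return findings


def build_sample() -> str:
    """Write a constructed (not real) wheel carrying the file names from the article."""
    path = str(Path(tempfile.mkdtemp()) / "soopsocks-0.2.5-py3-none-any.whl")
    with zipfile.ZipFile(path, "w") as zf:
        zf.writestr("soopsocks/__init__.py", "# constructed placeholder\n")
        zf.writestr("soopsocks/_AUTORUN.VBS", "' constructed placeholder\n")
        zf.writestr("soopsocks/_AUTORUN.EXE", b"MZ placeholder")
    return path
```

Running `scan_artifact(build_sample())` reports the known-bad version and both bundled loader files; point it at a real `pip download` result to triage before `pip install`.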

“soopsocks is a sophisticated SOCKS5 proxy with full Windows support,” said JFrog. “However, its runtime behavior, including firewall rules, elevated permissions, various PowerShell commands, and the transition from Python scripts to a Go executable with hardcoded parameters, indicates malicious activity.”

The revelation coincides with npm package maintainers expressing concerns about the lack of native 2FA workflows for CI/CD, self-hosted workflow support for trusted publishing, and token management following GitHub’s recent changes in response to a surge in software supply chain attacks, as reported by Socket.

GitHub announced the revocation of all legacy tokens for npm publishers and introduced stricter token expiration policies to enhance security across the industry.

“Long-lived tokens pose a significant risk for supply chain attacks. By limiting token lifetimes, the exposure window is reduced, mitigating potential damage,” GitHub emphasized. “This change aligns npm with industry best practices for security.”

Additionally, Socket introduced Socket Firewall, a free tool that blocks malicious packages during installation in npm, Python, and Rust ecosystems, empowering developers to protect their environments from potential threats.

“Socket Firewall goes beyond safeguarding against problematic top-level dependencies and prevents the package manager from fetching any transitive dependencies known to be malicious,” the company explained.