Investigating a backdoored PyPi package targeting FastAPI applications | allinfosecnews.com

Nov. 23, 2022, midnight |

Datadog Security Labs securitylabs.datadoghq.com

Introduction

FastAPI is a highly popular Python web framework. On November 23rd, 2022, the Datadog Security Labs team identified a third-party utility Python package on PyPI related to FastAPI, fastapi-toolkit, that has been backdoored by a malicious actor. The attacker inserted a backdoor in the package, adding a FastAPI route allowing a remote attacker to execute arbitrary python code and SQL queries in the context of the web application.

While FastAPI itself is not impacted, this is an interesting …

applications fastapi package pypi pypi package targeting

More from securitylabs.datadoghq.com / Datadog Security Labs

Amplified exposure: How AWS flaws made Amplify IAM roles vulnerable to takeover 1 week, 4 days ago | securitylabs.datadoghq.com

amplify aws disclosure exposed +11

The XZ Utils backdoor (CVE-2024-3094): Everything you need to know, and more 3 weeks, 2 days ago | securitylabs.datadoghq.com

ages backdoor backdoors cve +9

A threat-informed roadmap for securing Kubernetes clusters (KubeCon EU 2024) 1 month ago | securitylabs.datadoghq.com

attacks clusters controls kubecon +8

Tales from the cloud trenches: Using malicious AWS activity to spot phishing campaigns 1 month, 1 week ago | securitylabs.datadoghq.com

aws campaign campaigns cloud +5

Kubernetes security fundamentals: Authentication 2 months, 2 weeks ago | securitylabs.datadoghq.com

authentication fundamentals kubernetes kubernetes security +1

An analysis of a TeamTNT doppelgänger 2 months, 3 weeks ago | securitylabs.datadoghq.com

analysis api api endpoints backdoors +7

Tales from the cloud trenches: Amazon ECS is the new EC2 for crypto mining 3 months, 1 week ago | securitylabs.datadoghq.com

amazon amazon ecs attacks aws +11

From IRC to Instant Messaging: The Rise of Malware Communication via Chat Platforms 3 months, 2 weeks ago | securitylabs.datadoghq.com

chat communication datadog instant messaging +9

Highlights from Datadog Security Labs in 2023 3 months, 3 weeks ago | securitylabs.datadoghq.com

datadog labs security

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Security Architect - Hardware

@ Intel | IND - Bengaluru

View on infosec-jobs.com

Elastic Consultant

@ Elastic | Spain

View on infosec-jobs.com

OT Cybersecurity Specialist

@ Emerson | Abu Dhabi, United Arab Emirates

View on infosec-jobs.com

Security Operations Program Manager

@ Kaseya | Miami, Florida, United States

View on infosec-jobs.com

Senior Security Operations Engineer

@ Revinate | Vancouver

View on infosec-jobs.com