
ChocoPoC RAT Hits 2,400+ Researchers via Dependency-Poisoned GitHub PoCs

4 min read · Verified by 2 sources

Key Takeaways

  • A new supply-chain attack targets cybersecurity researchers with a Python RAT hidden in malicious PyPI dependencies of weaponized PoC exploits.
  • At least seven GitHub repos and 2,400 downloads of the dropper package have been confirmed.


Key Intelligence

Key Facts

  1. At least seven weaponized PoC repositories on GitHub were found distributing ChocoPoC RAT, targeting vulnerabilities in FortiWeb, React2Shell, MongoBleed, PAN-OS, Ivanti Sentry, Check Point VPN, and Joomla SP Page Builder.
  2. The malware uses two trojanized PyPI packages, ‘frint’ and ‘skytext’, with ‘skytext’ containing a compiled native Python extension that decrypts and executes the malicious payload.
  3. ChocoPoC’s payload is fetched from a Mapbox dataset, a legitimate geospatial platform abused for command-and-control and data exfiltration.
  4. The skytext package was downloaded approximately 2,400 times, mostly on Linux systems, with a surge after the disclosure of a popular vulnerability.
  5. Larger stolen files are exfiltrated via a separate HTTP server, indicating a tiered data exfiltration strategy to avoid detection.
  6. The campaign specifically targets cybersecurity researchers, exposing them to data theft and potential lateral movement within sensitive networks.
skytext package downloads: approximately 2,400, with a spike after a major vulnerability disclosure (downloads of the trojanized PyPI dependency observed by Sekoia).

ChocoPoC at a glance

  • Type: Malware (Python RAT)
  • Payload source: Mapbox dataset
  • Delivery method: Trojanized PyPI packages (frint/skytext)
  • Targeted OS: Predominantly Linux
  • Repos identified: 7

Analysis

For the cybersecurity community, this isn’t just another malware alert—it’s a direct strike against the tools of our trade. ChocoPoC exploits the very trust researchers place in PoC code and open-source dependencies, proving that even seasoned professionals can be compromised by a poorly vetted repository. The use of Mapbox as a covert C2 channel represents a clever abuse of trusted cloud services that could easily bypass standard network monitoring.

A sophisticated malware campaign targeting the cybersecurity research community has been uncovered, leveraging weaponized proof-of-concept (PoC) exploits on GitHub to deliver a newly identified Python-based remote access trojan (RAT) named ChocoPoC. Discovered by researchers at Sekoia, the campaign represents a significant evolution in supply-chain attacks, moving beyond simply embedding malicious code in PoC files to poisoning the very dependency ecosystem that developers and researchers rely on. By injecting malicious PyPI packages into the dependency list of publicly available exploit repositories, the threat actor has created a stealthy infection vector that compromises victims before any exploit code is even manually executed.


The campaign is not the first to target security professionals, but its technical sophistication marks a new level of danger. ChocoPoC distributes itself through at least seven GitHub repositories, each supposedly containing functional exploits for high-profile vulnerabilities including FortiWeb (CVE-2025-64446), React2Shell (CVE-2025-55182), MongoBleed (CVE-2025-14847), PAN-OS (CVE-2026-0257), Ivanti Sentry (CVE-2026-10520), Check Point VPN (CVE-2026-50751), and Joomla SP Page Builder (CVE-2026-48908). When a victim clones one of these repositories, the trojanized Python package ‘frint’ is fetched and installed automatically from PyPI. Frint, in turn, pulls a dependency called ‘skytext’ which contains a compiled native Python extension. This extension is designed to decrypt and execute additional code upon PoC execution, launching a downloader that retrieves the final ChocoPoC payload from a dataset hosted on Mapbox—a mapping and location data platform abused here for covert command-and-control and data exfiltration.
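The infection chain above turns on a dependency nobody asked for directly (skytext, pulled in by frint) that ships compiled native code. The following is an added example, not Sekoia's code or any tooling from the article, of the dependency-vetting step a researcher could run before installing a cloned PoC: it parses the JSON that `pip install --dry-run --report -` emits (pip 22.2 or later) and flags transitive packages and platform-specific wheels. The report embedded below is constructed; its URLs, versions and hash are placeholders.

```python
"""Vet a pip dry-run installation report before installing a cloned PoC.

Added example (not from the article or Sekoia). Input is the JSON written by
`pip install --dry-run --report - -r requirements.txt` (pip >= 22.2). Each
'install' entry carries 'requested' (listed by the user or not) and the
resolved artifact URL, whose wheel filename tells us whether it is pure Python.
"""
import json
import re

# Wheel filename: {dist}-{ver}[-{build}]-{python}-{abi}-{platform}.whl
WHEEL_RE = re.compile(
    r"^(?P<name>[^-]+)-(?P<ver>[^-]+)(?:-\d[^-]*)?"
    r"-(?P<py>[^-]+)-(?P<abi>[^-]+)-(?P<plat>[^-]+)\.whl$")

def classify(entry):
    """Return (package name, list of findings) for one 'install' entry."""
    findings = []
    name = entry["metadata"]["name"].lower()
    filename = entry["download_info"]["url"].rsplit("/", 1)[-1]
    m = WHEEL_RE.match(filename)
    if not m:
        # Not a wheel: an sdist runs its build backend (setup.py) on install.
        findings.append("source distribution (runs build code on install)")
    elif m.group("plat") != "any":
        # Platform tag other than 'any' means compiled native code is inside.
        findings.append("platform-specific wheel (contains compiled native code)")
    if not entry.get("requested", False):
        findings.append("transitive dependency not listed in requirements")
    return name, findings

def vet_report(report_json):
    """Map package name -> findings, keeping only packages with findings."""
    out = {}
    for entry in json.loads(report_json)["install"]:
        name, findings = classify(entry)
        if findings:
            out[name] = findings
    return out

# Constructed sample report: one pinned pure-Python lure package (frint), the
# transitive native-code dependency it pulls in (skytext), and a benign one.
SAMPLE_REPORT = json.dumps({"version": "1", "install": [
    {"metadata": {"name": "frint", "version": "0.0.0"}, "requested": True,
     "download_info": {"url": "https://files.example.invalid/frint-0.0.0-py3-none-any.whl",
                       "archive_info": {"hash": "sha256=PLACEHOLDER"}}},
    {"metadata": {"name": "skytext", "version": "0.0.0"}, "requested": False,
     "download_info": {"url": "https://files.example.invalid/skytext-0.0.0-cp311-cp311-manylinux_2_17_x86_64.whl",
                       "archive_info": {"hash": "sha256=PLACEHOLDER"}}},
    {"metadata": {"name": "requests", "version": "0.0.0"}, "requested": True,
     "download_info": {"url": "https://files.example.invalid/requests-0.0.0-py3-none-any.whl",
                       "archive_info": {"hash": "sha256=PLACEHOLDER"}}},
]})

if __name__ == "__main__":
    for pkg, why in vet_report(SAMPLE_REPORT).items():
        print(f"{pkg}: {'; '.join(why)}")
```

A flagged package is not proof of compromise, only a reason to inspect the wheel contents in a sandbox before letting the PoC's install step run.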

The choice of Mapbox is particularly insidious; it allows the malware to blend in with legitimate HTTPS traffic and evade network detection mechanisms that might flag unfamiliar domains. Sekoia reports that the skytext package alone has been downloaded approximately 2,400 times, predominantly on Linux-based systems, with a noticeable spike following the public disclosure of a popular vulnerability used as a lure. Although it remains uncertain how many of these downloads led to full compromise, the number highlights the widespread exposure and the potential impact on security research networks, which often have privileged access to sensitive tools and data. Moreover, the threat actor uses Mapbox datasets for exfiltration of smaller files, while larger uploads are routed through a separate HTTP server, indicating a tiered approach to data theft that maximizes stealth.

What to Watch

The implications for the cybersecurity industry are severe. Researchers who routinely handle zero-days, exploit code, and corporate vulnerability data are now prime targets. An infected researcher could inadvertently expose entire organizations or client networks. The attack also erodes trust in open-source repositories and package registries. Security professionals may need to adopt the same caution they preach: sandboxing, code review, and careful dependency vetting for any PoC code before execution, even from seemingly reputable sources. GitHub and PyPI, already grappling with similar threats, will face renewed pressure to implement stricter scanning and more rapid takedown procedures. The campaign underscores the fact that the security research ecosystem has become a high-value target, and attackers are increasingly willing to invest in elaborate, multi-stage infection chains to compromise it.

Looking forward, similar dependency-based attacks are likely to proliferate, not only against researchers but also against developers in general. The use of platforms like Mapbox for command-and-control could inspire other threat actors to repurpose legitimate cloud services for malicious ends, complicating detection. Defenders must anticipate more creative abuse of trust relationships in software supply chains. Sekoia’s discovery will likely prompt GitHub and PyPI to accelerate their malicious package detection capabilities, but the onus remains on the community to treat every piece of untrusted code with extreme suspicion.
