The package that imitated SymPy and mined cryptocurrency in memory from PyPI

Published | 4 min read | 142 reads

A malicious package reached the Python Package Index (PyPI) posing as a development version of a well-known symbolic-mathematics library, and its modus operandi deserves attention: it does not merely install suspicious code, it acts as a loader that can fetch and execute binaries in memory in order to run cryptocurrency mining on Linux systems.

The impersonating package appeared under the name Symphy-dev and even copied the legitimate project's description, to confuse anyone installing what looked like a variant of SymPy. According to PyPI's public data, the package accumulated more than a thousand downloads after its publication in mid-January 2026, a figure that does not necessarily equal the number of compromised machines but does suggest that some developers may have installed it by mistake. The package's listing on PyPI is here: https://pypi.org/project/symphy-dev/.

Image generated with AI.

The technical analysis by Socket details how the malicious code modifies specific library functions so that they act as launchers. Those functions fire only when certain polynomial routines are invoked, a deliberate choice to delay detection: the harmful behaviour stays hidden until the library's legitimate flow reaches those points.

When the compromised routines run, the package contacts a remote server and downloads first a JSON configuration and then one or two Linux ELF binaries from the IP address observed by the researchers. Instead of writing those binaries to disk, the loader places them directly in memory and executes them using kernel-specific techniques such as memfd_create combined with file descriptors under /proc/self/fd, which reduces the footprint on the file system and complicates forensic analysis. The use of memfd_create is documented in the system manual: man 2 memfd_create.

The objective observed so far was the deployment of an XMRig-compatible cryptocurrency miner. The downloaded configuration files describe a CPU-mining setup with the GPU backends disabled, connecting over an encrypted channel to Stratum servers on port 3333 that belong to the attacker's infrastructure. XMRig is a well-known mining project whose source code is public: https://github.com/xmrig/xmrig. Although this campaign used it for mining, the vector is far more dangerous: the Python module acts as a general-purpose loader able to download and run any second stage with the privileges of the compromised Python process.
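The in-memory execution described two paragraphs above and the Stratum connections on port 3333 are both visible from /proc on a Linux host. The following triage script is an added example, not code from the article or from Socket's report: it flags processes whose executable image or executable mappings live in a memfd rather than on disk, and established TCP connections to the Stratum port. The sample /proc/<pid>/maps and /proc/net/tcp excerpts, including the 10.0.0.1 address, are constructed for the demonstration; the real server address appears only in the Socket report.

```python
"""Triage helpers for the fileless loader behaviour described in the article.

Added example (not from the article or the Socket report). It inspects
/proc on a Linux host for two signals named above: executables that live
in an anonymous memfd instead of on disk, and established TCP connections
to the Stratum port 3333. The pure functions take text, so they can be
checked offline with the constructed samples below.
"""
import json
import os
import re

STRATUM_PORT = 3333            # port named in the article
MEMFD_RE = re.compile(r"/memfd:")


def exe_is_memfd(exe_link: str) -> bool:
    """True if a readlink of /proc/<pid>/exe points at a memfd image.

    The kernel renders such images as "/memfd:<name> (deleted)"; a normal
    process resolves to a real path such as /usr/bin/python3.12.
    """
    return exe_link.startswith("/memfd:")


def memfd_mappings(maps_text: str) -> list:
    """Return executable, memfd-backed regions from /proc/<pid>/maps text."""
    hits = []
    for line in maps_text.splitlines():
        parts = line.split(None, 5)     # addr perms offset dev inode [path]
        if len(parts) < 6:
            continue                    # anonymous mapping, no path
        perms, path = parts[1], parts[5]
        if "x" in perms and MEMFD_RE.search(path):
            hits.append(path)
    return hits


def stratum_connections(net_tcp_text: str, port: int = STRATUM_PORT) -> list:
    """Return (remote_ip, remote_port) for ESTABLISHED sockets to the given port.

    /proc/net/tcp prints IPv4 addresses as 8 hex digits in host byte order,
    so on x86 "0100000A:0D05" is 10.0.0.1:3333. State 01 is TCP_ESTABLISHED.
    """
    found = []
    for line in net_tcp_text.splitlines()[1:]:      # skip the header row
        fields = line.split()
        if len(fields) < 4:
            continue
        hex_ip, hex_port = fields[2].split(":")
        if fields[3] != "01" or int(hex_port, 16) != port:
            continue
        ip = ".".join(str(int(hex_ip[i:i + 2], 16)) for i in (6, 4, 2, 0))
        found.append((ip, port))
    return found


# Constructed samples (not captured from the incident): a process whose code
# is mapped from a memfd, and one established connection to 10.0.0.1:3333.
SAMPLE_MAPS = """\
55d4c0a00000-55d4c0a21000 r--p 00000000 00:01 12345 /memfd:x (deleted)
55d4c0a21000-55d4c0b00000 r-xp 00021000 00:01 12345 /memfd:x (deleted)
7f0c1e000000-7f0c1e1c0000 r-xp 00000000 08:01 456 /usr/lib/x86_64-linux-gnu/libc.so.6
7ffd0c000000-7ffd0c021000 rw-p 00000000 00:00 0 [stack]
"""
SAMPLE_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:9C40 0100000A:0D05 01 00000000:00000000 00:00000000 00000000  1000        0 0
   1: 0100007F:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 0
"""


def scan_host() -> dict:
    """Apply both checks to the live /proc (Linux; read access to other PIDs needed)."""
    report = {"memfd_processes": [], "stratum_connections": []}
    for pid in filter(str.isdigit, os.listdir("/proc")):
        try:
            exe = os.readlink(f"/proc/{pid}/exe")
            with open(f"/proc/{pid}/maps") as fh:
                maps = fh.read()
        except OSError:
            continue                    # process exited or not readable
        if exe_is_memfd(exe) or memfd_mappings(maps):
            report["memfd_processes"].append((int(pid), exe))
    try:
        with open("/proc/net/tcp") as fh:
            report["stratum_connections"] = stratum_connections(fh.read())
    except OSError:
        pass
    return report


if __name__ == "__main__":
    print(json.dumps(scan_host(), indent=2))
```

Run it as root, or with permission to read other users' /proc entries, to see every process. A memfd-backed executable mapping is a triage signal rather than proof of compromise, since some runtimes and JIT engines also use memfd, and a miner can be pointed at any port, so the port check is a cheap first filter, not a complete one. The script reads /proc/net/tcp only; IPv6 sockets in /proc/net/tcp6 use 32-character addresses and would need the same treatment.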

This kind of operation is not entirely new: other actors have run binaries directly in memory to avoid leaving artifacts on disk, a tactic documented in earlier cryptojacking campaigns. Catching in-memory execution requires combining signature-based detection with process and network-traffic monitoring, since static analysis of files on disk may fall short.

The presence of this package on PyPI raises several questions about the safety of the package ecosystem: how easy it is to publish packages whose names mimic popular projects, the implicit trust placed in installing dependencies without checking them, and the difficulty of protecting development environments against artifacts designed to look legitimate. Packaging tools and reputation services help, but the first line of defence is still team practice: check names, verify hashes, pin versions in requirements files and prefer official, signed dependencies where possible.
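One way to turn the last sentence into a pre-install check. This is an added example, not tooling from the article, PyPI or Socket; the watchlist of trusted project names, the sample requirements text and the all-zero placeholder hash are constructed for the demonstration (the placeholder is not SymPy's real digest). pip's own --require-hashes flag is what enforces hashes at install time; the script only verifies that the file is in a shape that flag will accept, and additionally looks for names one edit away from a trusted one, which is exactly how symphy-dev resembles sympy.

```python
"""Pre-install audit of a requirements file: pins, hashes and look-alike names.

Added example, not tooling from the article or from PyPI/Socket. It applies
the advice above (check names, verify hashes, pin versions) to a
requirements.txt before `pip install --require-hashes -r requirements.txt`
is run. The watchlist and the sample file are constructed for the demo.
"""
import re
from typing import Optional

# Projects this team depends on; an unknown name within edit distance 1 of one
# of these is treated as a possible look-alike (constructed watchlist).
WATCHLIST = {"sympy", "numpy", "requests", "scipy"}

REQ_RE = re.compile(
    r"^(?P<name>[A-Za-z0-9][A-Za-z0-9._-]*)\s*"
    r"(?P<spec>(==|>=|<=|~=|!=|>|<)[^\s;]+)?"
)
HASH_RE = re.compile(r"--hash=sha256:([0-9a-fA-F]{64})")


def normalize(name: str) -> str:
    """PEP 503 normalisation: case-fold and collapse runs of -, _ and . to one dash."""
    return re.sub(r"[-_.]+", "-", name).lower()


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert/delete/substitute), used for look-alike detection."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(name: str) -> Optional[str]:
    """Return the watchlist project a name resembles, or None if exact or unrelated."""
    norm = normalize(name)
    if norm in WATCHLIST:
        return None
    # check the whole name and each dash-separated piece ("symphy-dev" -> "symphy")
    for piece in {norm, *norm.split("-")}:
        for known in WATCHLIST:
            if edit_distance(piece, known) == 1:
                return known
    return None


def logical_lines(text: str):
    """Join backslash continuations and drop comments/blank lines (pip's rules, simplified)."""
    buf = ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip():
            yield buf.strip()
        buf = ""


def audit_requirements(text: str) -> list:
    """Return (requirement, problem) pairs; an empty list means the file passes."""
    problems = []
    for line in logical_lines(text):
        if line.startswith("-"):        # options such as -r / --index-url are out of scope
            continue
        m = REQ_RE.match(line)
        if not m:
            problems.append((line, "unparseable requirement"))
            continue
        name, spec = m.group("name"), m.group("spec")
        if not spec or not spec.startswith("=="):
            problems.append((line, "version not pinned with =="))
        if not HASH_RE.search(line):
            problems.append((line, "no sha256 hash (pip --require-hashes would refuse it)"))
        known = lookalike_of(name)
        if known:
            problems.append((line, f"name resembles {known!r}: possible typosquat"))
    return problems


# Constructed sample; the hash is a placeholder, not sympy's real digest.
SAMPLE_REQUIREMENTS = """\
sympy==1.12 \\
    --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
symphy-dev          # the impersonating name from the article: unpinned, unhashed
numpy>=1.26
"""

if __name__ == "__main__":
    for req, why in audit_requirements(SAMPLE_REQUIREMENTS):
        print(f"{req!r}: {why}")
```

On the constructed sample the pinned, hashed sympy line passes, while symphy-dev is reported three times (no pin, no hash, and a name one edit away from sympy) and numpy>=1.26 twice (range instead of pin, no hash). A real deployment would feed the hashes from `pip hash` or a lock file and let pip's --require-hashes do the final enforcement.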

Image generated with AI.

If you manage Python environments or Linux servers, it is worth auditing recent installations and watching for processes with unusual CPU usage, outgoing Stratum connections or executions that invoke memfd_create. Rotating credentials if an intrusion is suspected and reinstalling from trusted sources are prudent measures. The community and the public repository maintainers continue to develop policy improvements and controls to reduce the risk of package impersonation, but prevention at the developer level remains crucial.

For the full case and technical analysis, the Socket report provides a detailed review of the behaviour and the indicators of compromise: Socket analysis. The PyPI package is still available at its public listing, and the legitimate library that was impersonated is available on the official SymPy site: https://www.sympy.org.

In short, the threat combined social engineering (project impersonation), evasion techniques (conditional activation and in-memory execution) and a generic implant that, although observed deploying an XMRig miner, could be used to deploy any other malicious code with the permissions of the Python process. The story is a reminder that caution with third-party software is not optional, and that a small implicit trust can open the door to high-impact compromises.
