The of the open-source software supply chain was once again tested when JFrog’s research team uncovered a malicious package on PyPI. The package, named SoopSocks (XRAY-725599), masqueraded as a legitimate SOCKS5 proxy tool but in reality, behaved as a backdoor with advanced persistence and reconnaissance features.
At first glance, SoopSocks promised to deliver a basic SOCKS5 proxy service. SOCKS5 is a network proxy protocol that forwards traffic between a client and external servers, often used for tunneling, anonymization, or bypassing restrictions. But SoopSocks concealed far more dangerous functionality.
According to JFrog, “The SoopSocks PyPI package promises to create a SOCKS5 proxy service and report information about the server to a configurable Discord webhook … While providing this capability it exhibits behaviour as a Backdoor proxy server, targeting Windows platforms.”
The malicious package evolved rapidly across versions:
- v0.1.0 – v0.1.2: Basic SOCKS5 implementation.
- v0.2.0 – v0.2.4: Added _autorun.exe and Windows service support.
- v0.2.5 – v0.2.6: Introduced VBScript deployment.
- v0.2.7: Streamlined into a GO-based EXE-only deployment.
JFrog explains that “The executable is a compiled GO file, inside of it can be found hardcoded discord webhook and powershell scripts that it runs automatically, including firewall rules and other scripts.”
SoopSocks employs multiple persistence techniques, including:
- Windows Service installation (SoopSocksSvc) with SYSTEM privileges.
- Scheduled Tasks to guarantee execution at startup and logon.
- Firewall Rule modifications automatically allowing inbound TCP/UDP traffic on port 1080.
- UAC bypass through hidden PowerShell execution.
Once running, the malware reports back to a hardcoded Discord webhook every 30 seconds, leaking network reconnaissance data such as hostnames, local and public IPs, and system fingerprints. JFrog highlights that “The existence of a SOCKS5 proxy running as a service, with FW rules opened can be abused to route traffic, anonymize attacker connections, or provide an egress tunnel for further malicious traffic.”
The SoopSocks codebase included several malicious modules:
- server.py – Implements a full SOCKS5 open proxy with no authentication.
- discord.py – Sends structured JSON updates to a Discord webhook.
- egress.py – Conducts network reconnaissance, including STUN-based NAT traversal detection.
- autostart.py & service_windows.py – Establish persistence as a scheduled task or Windows service.
- firewall.py – Injects inbound firewall rules.
JFrog observes that these features, while initially “declared” in the package description, cross the line into maliciousness: “Given the way it performs and actions it takes during runtime, it shows signs of malicious activity, such as FW rules, elevated permissions, various PowerShell commands and the transfer from simple, configurable python scripts to GO executable with hardcoded parameters version with reconnaissance capabilities to a predetermined discord webhook.”
The SoopSocks package was removed from PyPI on September 29, 2025, at 6:00 PM GMT+3 after JFrog reported it as suspicious.
The case underscores the ongoing risks in open-source ecosystems, where malicious packages can masquerade as legitimate tools and gain wide adoption before detection. With SoopSocks capable of turning Windows hosts into stealthy backdoor proxies, organizations must remain vigilant about the dependencies they install.
- CAPTCHA to Command: Trustwave Uncovers Stealthy NodeJS Backdoor Campaign
- CVE-2025-23171 & CVE-2025-23172: Versa Director Bugs Open Doors to Webshell Uploads and Command Execution
- GhostSocks Malware: A New Cyber Threat Leveraging SOCKS5 Backconnect for Evasion
- CVE-2024-6915 (CVSS 9.3): JFrog Artifactory Flaw Exposes Software Supply Chains to Cache Poisoning
- Critical flaw affects Rancher open source container management platform
