Thursday, April 16, 2026

PyPI Cracks Down on Inbox.ru Domains After Identifying 1,500+ Fake Project Uploads

The Python Package Index (PyPI) has banned the inbox.ru email domain following a coordinated spam campaign in which more than 250 fraudulent user accounts uploaded over 1,500 fake projects to the platform.

The administrative action prevents both new registrations and the addition of inbox.ru addresses to existing accounts, marking a significant security response to what administrators describe as a potential “dry run” for future attacks.

Coordinated Campaign Spans Three Weeks

The malicious campaign began on June 9, 2025, with the creation of a single verified user account that was configured with two-factor authentication and provisioned with an API token.

On its own, that first account looked like any legitimate user; the same outwardly normal setup characterized the rest of the operation.

The activity escalated dramatically on June 11, when 46 additional accounts were created within a three-hour window, followed by 207 more accounts on June 24 during a four-hour period.

Project uploads commenced on June 26, with the campaign reaching peak activity on June 30 when 740 projects were published in a single day.

The uploads came in bursts rather than at a steady rate: 9 projects on June 26, 295 on June 27, 39 on June 28, 119 on June 29, followed by the June 30 surge.

Activity continued with 249 projects on July 1, 46 on July 2, and smaller numbers on July 10 and 11, totaling 1,525 fraudulent projects.

Technical Sophistication and Security Implications

The fake projects contained no actual code, distinguishing this campaign from traditional malware distribution attempts.

However, PyPI administrators noted that the projects could have abused console entry points: a package's command-line script names are not required to match the project name, so a package installed under one name can expose an executable under the name of a popular tool.

On the naming side, the campaign fits the pattern known as "slopsquatting": registering package names that an AI assistant or third-party suggestion produces, so that a user who installs on that recommendation without verifying the project gets the attacker's package instead of nothing.

The campaign’s discovery came through user vigilance when someone reported on July 8 that a Large Language Model (Sonnet 4) had recommended installing a non-existent project.

This highlights the emerging threat of AI-assisted package confusion, where a hallucinated package name is not merely a harmless error but a name an attacker can register ahead of the next user who receives the same suggestion.
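The two checks a practitioner would want before installing an assistant-recommended package are exactly the ones the passages above describe: confirm the name actually resolves to a known project (and is not a near-miss of a popular one), and inspect the wheel's console entry points for script names that differ from the project name or shadow well-known commands. The following is an added example written for this page, not PyPI's code or tooling; the known-project set and the in-memory wheel are constructed fixtures (a real check would query the PyPI simple index and download the actual wheel), and the list of well-known commands is an illustrative assumption.

```python
import configparser
import difflib
import io
import re
import zipfile

# Constructed stand-in for the PyPI simple index (assumption: illustrative only).
KNOWN_PROJECTS = {"requests", "numpy", "pandas", "httpx", "rich"}

# Commands a third-party package should not quietly install under its own name
# (assumption: an illustrative list, extend for your environment).
WELL_KNOWN_COMMANDS = {"pip", "python", "git", "docker", "kubectl", "aws", "gcloud"}


def normalize(name: str) -> str:
    """PEP 503 name normalization: lowercase and collapse runs of -, _ and . to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def check_name(requested: str, known=KNOWN_PROJECTS):
    """Return (exists, near_misses) for a package name an assistant suggested.

    A non-existent name is a slopsquatting candidate; a near-miss of a popular
    project (edit-distance style similarity >= 0.8) is a typosquatting candidate.
    """
    norm = normalize(requested)
    known_norm = {normalize(k) for k in known}
    if norm in known_norm:
        return True, []
    near = difflib.get_close_matches(norm, sorted(known_norm), n=3, cutoff=0.8)
    return False, near


def console_scripts_from_wheel(wheel_bytes: bytes) -> dict:
    """Parse the [console_scripts] section of <dist>.dist-info/entry_points.txt."""
    with zipfile.ZipFile(io.BytesIO(wheel_bytes)) as zf:
        ep_files = [n for n in zf.namelist() if n.endswith(".dist-info/entry_points.txt")]
        if not ep_files:
            return {}
        text = zf.read(ep_files[0]).decode("utf-8")
    # Only '=' separates name from target; ':' belongs to the module:callable target.
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cp.optionxform = str  # keep script names case-sensitive
    cp.read_string(text)
    if not cp.has_section("console_scripts"):
        return {}
    return dict(cp.items("console_scripts"))


def check_entry_points(project_name: str, wheel_bytes: bytes) -> list:
    """Flag console scripts that shadow a well-known command or differ from the project name."""
    findings = []
    for script, target in console_scripts_from_wheel(wheel_bytes).items():
        if normalize(script) in WELL_KNOWN_COMMANDS:
            findings.append(f"{script} shadows a well-known command (-> {target})")
        elif normalize(script) != normalize(project_name):
            findings.append(f"{script} does not match project name {project_name} (-> {target})")
    return findings


def build_wheel(project: str, version: str, entry_points_txt: str) -> bytes:
    """Build a minimal wheel in memory. Constructed test fixture, not a real package."""
    buf = io.BytesIO()
    dist_info = f"{project.replace('-', '_')}-{version}.dist-info"
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(f"{dist_info}/METADATA",
                    f"Metadata-Version: 2.1\nName: {project}\nVersion: {version}\n")
        zf.writestr(f"{dist_info}/WHEEL", "Wheel-Version: 1.0\n")
        zf.writestr(f"{dist_info}/entry_points.txt", entry_points_txt)
    return buf.getvalue()


# Constructed example: a package with no real code whose entry points install a
# 'pip' command and a second unrelated command name.
SPAM_WHEEL = build_wheel(
    "requets-helper", "0.0.1",
    "[console_scripts]\n"
    "requets-helper = requets_helper:main\n"
    "pip = requets_helper:main\n"
    "fetchtool = requets_helper:main\n",
)


def audit(requested_name: str, wheel_bytes: bytes) -> dict:
    """Combine both checks into one pre-install report."""
    exists, near = check_name(requested_name)
    return {
        "exists": exists,
        "near_misses": near,
        "entry_point_findings": check_entry_points(requested_name, wheel_bytes),
    }


if __name__ == "__main__":
    print(audit("requets", SPAM_WHEEL))
    print(audit("requets-helper", SPAM_WHEEL))
```

Running the audit on the constructed wheel reports that "requets" is not a known project but is close to "requests", and that the wheel would install a `pip` command and an unrelated `fetchtool` command despite being named `requets-helper`. Either finding alone is reason to stop and look at the package before installing it.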

Defensive Measures and Future Prevention

PyPI blocks registrations from domains on the public disposable-email-domains list and from an internal blocklist that administrators update as abuse patterns emerge.

The platform has previously blocked other email providers following similar incidents, demonstrating a proactive approach to preventing automated account creation for malicious purposes.

The inbox.ru domain ban is a notable escalation in PyPI's security posture; administrators have said they would like to lift the block once the email provider improves its abuse prevention.

The incident highlights the importance of verifying a package before installing it, and the ongoing challenge platforms face in combating automated, large-scale abuse of open-source ecosystems.
