ChocoPoC RAT: Trojanized GitHub Exploits Target Cybersecurity Researchers
A sophisticated campaign is leveraging weaponized Proof-of-Concept (PoC) exploits on GitHub to deliver a Python-based Remote Access Trojan (RAT) named **ChocoPoC**. This malware, designed to execute commands and steal sensitive data, notably targets cybersecurity researchers by embedding malicious Python packages in dependency lists rather than directly within the exploit code.
Threat actors are increasingly using **GitHub** as a distribution channel for malware, a trend that continues with the emergence of **ChocoPoC**. This new Python RAT is being delivered through trojanized PoC exploits for various vulnerabilities, primarily targeting security professionals and penetration testers.
### A New Twist on a Familiar Tactic
The tactic of hiding malware within PoC exploits is not new, with previous instances involving threat actors posing as legitimate researchers or capitalizing on trending vulnerabilities. However, **ChocoPoC** introduces a notable evolution in its delivery mechanism. Instead of embedding the malware directly into the exploit file, it injects malicious Python packages into the PoC's dependency list.
### The Infection Chain: From GitHub to PyPI
According to researchers at cybersecurity firm **Sekoia**, these malicious packages are hosted on the **Python Package Index (PyPI)**, a widely used platform for Python developers to share and source code. When a victim clones a malicious repository, a trojanized package named 'frint' is automatically fetched and installed.

During installation, 'frint' pulls a malicious dependency package, 'skytext,' which contains a compiled native Python extension. This extension automatically executes when the PoC runs, decrypting embedded Python code that triggers a downloader. The final **ChocoPoC** payload is then retrieved from a **Mapbox** dataset.
### ChocoPoC's Capabilities
Once installed, the **ChocoPoC** RAT boasts a wide range of capabilities, enabling extensive system compromise and data exfiltration:
* Execute arbitrary shell commands and Python code.
* Upload files and directories.
* Collect browser passwords, cookies, autofill data, and browsing history.
* Search for text files, Markdown documentation, and database files.
* Gather shell history.
* Collect network configuration.
* Enumerate running processes.
**Mapbox** datasets are also exploited for data exfiltration, though larger file uploads are handled via a separate HTTP server.
.jpg)
### Widespread Distribution and Luring Victims
**Sekoia** has identified at least seven PoC repositories on **GitHub** distributing **ChocoPoC**, hosting exploits for various vulnerabilities including **FortiWeb (CVE-2025-64446)**, **React2Shell (CVE-2025-55182)**, **MongoBleed (CVE-2025-14847)**, **PAN-OS (CVE-2026-0257)**, **Ivanti Sentry (CVE-2026-10520)**, **Check Point VPN (CVE-2026-50751)**, and **Joomla SP Page Builder (CVE-2026-48908)**.
The 'skytext' package alone has been downloaded over 2,400 times, predominantly on Linux-based systems. Downloads surged following the disclosure of popular vulnerabilities, a clear tactic to lure unsuspecting researchers into downloading and testing the trojanized PoCs.

### Attacker Attribution and Recommendations
Before 'frint' and 'skytext,' the campaign utilized similar packages named 'slogsec' and 'logcrypt.cryptography' to deliver the same **ChocoPoC** payload. While the identity of the attackers remains unconfirmed, **Sekoia** researchers found several email addresses associated with **GitHub** committers linked to similar trojanizing activity in late 2025. Credentials for two of these emails were found in leak databases, and another login likely originated from an infostealer compromise.
This suggests, with high confidence, that the attackers primarily used compromised accounts to publish malicious **PyPI** packages and PoCs.
This sophisticated delivery technique allows the exploit code to remain seemingly benign while assigning malicious behavior to seemingly harmless dependency packages. Given that vulnerability and penetration testers are prime targets due to their frequent interaction with untrusted code, it is crucial to exercise extreme caution. Security professionals are strongly advised to never blindly trust **GitHub** repositories and to execute unverified code only within isolated, secure environments.