MAL-2025-191701

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/chimera-sandbox-extensions/MAL-2025-191701.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-191701
Published
2025-06-09T09:48:52Z
Modified
2025-12-12T20:33:16.204153Z
Summary
Malicious code in chimera-sandbox-extensions (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: kam193 (9b87170278a2bed3680592ca4efa2d402a56ee044fcfea4b95831e545431a794)

When started, the code attempts to access multiple domains based on a generating algorithm. Once a valid one is found, it downloads a script and executes it. The script collects data about the environment (e.g. it attempts to get cloud tokens from the metadata URLs and collects some env variables) and sends it on to the remote target, which then decides on the next-stage code.

It may be targeting https://engineering.grab.com/chimera-sandbox


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2025-06-chimera-sandbox-extensions

Reasons (based on the campaign):

  • The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.

  • Downloads and executes a remote malicious script.

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "df3188f671b86c3449c0c8f84297a3e7d9cd3ce78ea1bca164a406af9fa61075",
            "source": "kam193",
            "import_time": "2025-12-02T22:30:55.042168732Z",
            "id": "pypi/2025-06-chimera-sandbox-extensions/chimera-sandbox-extensions",
            "modified_time": "2025-06-09T09:48:52Z",
            "ranges": [
                {
                    "events": [
                        {
                            "introduced": "0"
                        }
                    ],
                    "type": "ECOSYSTEM"
                }
            ]
        },
        {
            "sha256": "9b87170278a2bed3680592ca4efa2d402a56ee044fcfea4b95831e545431a794",
            "source": "kam193",
            "import_time": "2025-12-02T23:07:18.05066485Z",
            "id": "pypi/2025-06-chimera-sandbox-extensions/chimera-sandbox-extensions",
            "modified_time": "2025-06-09T09:48:52Z",
            "ranges": [
                {
                    "events": [
                        {
                            "introduced": "0"
                        }
                    ],
                    "type": "ECOSYSTEM"
                }
            ]
        },
        {
            "modified_time": "2025-06-09T09:48:52Z",
            "source": "kam193",
            "import_time": "2025-12-10T21:38:57.341498442Z",
            "id": "pypi/2025-06-chimera-sandbox-extensions/chimera-sandbox-extensions",
            "versions": [
                "0.1.42"
            ],
            "sha256": "1e89ffb6c4a4ddf1f4b57a300ca231b1e805f3f61c27c2c581b8be6a9c156df5"
        }
    ],
    "iocs": {
        "domains": [
            "chimerasandbox.workers.dev"
        ]
    }
}

Affected packages

PyPI / chimera-sandbox-extensions

Package

Name
chimera-sandbox-extensions
Purl
pkg:pypi/chimera-sandbox-extensions

Affected ranges

Affected versions

0.*
0.1.42

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/chimera-sandbox-extensions/MAL-2025-191701.json"