-= Per source details. Do not edit below this line.=-
The package advertises itself as a wrapper for a 'qsshd executable' but the bundled Go binary is a reverse-SSH daemon that grants a remote operator persistent shell, exec, pty, and TCP port-forwarding on the installer's host. The entry point proxy-check-i (declared in the package's console_scripts, mapped to qsshd.launcher:main) uses os.execv to launch the bundled Go binary. The daemon establishes device identity by writing a .device_lock file under $XDG_CONFIG_HOME, /dev/shm, or /tmp, then repeatedly dials out to a relay via github.com/mydearniko/overthing (tunnel.NewServer with RelayURI and ForwardAddr pointing at the local SSH listener). SSH authentication only accepts a single hardcoded ed25519 public key embedded at build time via //go:embed authorized_keys, so only the key holder can connect. The reverse-connect design bypasses inbound firewalls. PyPI metadata is a cover story: PKG-INFO summary mentions only 'qsshd executable' with no README and no disclosure of SSH-server, authorized-keys, or outbound-relay behavior, so an installer cannot infer they are enabling a remote-shell daemon. Any host that runs proxy-check-i is remotely controllable by the key holder.
{
"malicious-packages-origins": [
{
"sha256": "2da390c130eb840eb129a5d43faf0a64a0f0f602070243613aa0e2f8ea8f6d04",
"id": "IN-MAL-2026-009583",
"import_time": "2026-07-09T22:56:36.667062536Z",
"versions": [
"0.1.0"
],
"modified_time": "2026-07-09T22:16:53Z",
"source": "amazon-inspector"
},
{
"versions": [
"0.1.1"
],
"id": "IN-MAL-2026-009584",
"import_time": "2026-07-09T22:56:36.772525864Z",
"modified_time": "2026-07-09T22:17:01Z",
"sha256": "ee0e907c752a42d6a2b084a971dd61af2b020ccf33026f9a7b40367615344b36",
"source": "amazon-inspector"
}
]
}{
"evidence_files": [
{
"tlsh": "5ea0243044d044035dcc150701c40d7fdd3135053fdc0f00504100141dfd5c1cc1403c",
"sha256": "2dca1f8128dd32da51ec6aea5e0a409773bfe8172655e72b94c7e832437ecd0f",
"path": "internal/sshd/authorized_keys"
},
{
"sha256": "3635d4483809bb7c3dab73fbc0b560dd2b0b470a1ce7d2a11d596119b2a52f33",
"tlsh": "f872b5e2db7d45160ba20069dc54d559ebbcd0394a3890f5f488a2fb30cc59fd1beac6",
"path": "cmd/qsshd/main.go"
},
{
"sha256": "355069045531fb20f10b935c247fa039afc674bb9119de10452bea1e44394949",
"tlsh": "aad02b91638071f0b099cad6010c5a61545ad242568915d6c9e21fce098922887db030",
"path": "PKG-INFO"
}
],
"package_integrity": [
{
"filename": "proxy_check_i-0.1.0-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"hashes": {
"sha256": "d3ff7f14ed32e364dd5fbba8e213d66e827befb00de5f9ea6f144869e811aebf",
"md5": "60db2097a2f2022c9ed4f1b3641f647d",
"blake2b_256": "3fd6a6c4cb30258011fdfe2a1dd0b5086b35ece26cbb4fbd94549ef388676b00"
}
},
{
"filename": "proxy_check_i-0.1.0.tar.gz",
"hashes": {
"md5": "47b608ef1bb0133a43583bd56aa15920",
"sha256": "eac076dd2942038a9a40963d429b77755baaf6b06b71f237a12b4d76a48cc57f",
"blake2b_256": "93841f5f847c4b5f95e73df6abb3af40c7a2a92fa04bf6dac7b18e7a6d3fb78b"
}
}
]
}
[
{
"name": "Embedded Malicious Code",
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature."
},
{
"name": "Embedded Malicious Code",
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature."
}
]
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/proxy-check-i/MAL-2026-10100.json"