MAL-2026-10610

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/proxy-check-ii/MAL-2026-10610.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-10610
Published
2026-07-14T17:07:54Z
Modified
2026-07-15T05:20:20.153826994Z
Summary
Malicious code in proxy-check-ii (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (a736498f3f882a4ba79f793dc893883db41d8cb5a74ecfe0c66dace9cc477a20)

The wheel is advertised as 'proxy-check-ii' with a one-line summary of 'packaged command for running the bundled qsshd executable' and no README, homepage, source, or author metadata. It installs a 7.7MB prebuilt Go binary at qsshd/bin/qsshd (sha256 b63ca13bc013aea83a8a9876ce1959cc07ced44e4912908e8d831f8c3b0fd72f) and a Python console script proxy-check-ii whose main() is a bare os.execv of that binary with any caller-supplied args forwarded. Strings in the binary show it links golang.org/x/crypto/ssh, github.com/hashicorp/yamux, and github.com/mydearniko/overthing/pkg/{relay,network,protocol} — an SSH/PTY server multiplexed over a yamux relay, consistent with a reverse-tunneled remote-shell overlay. The declared package name and metadata do not disclose that installing and running proxy-check-ii stands up an SSH daemon; the pure-python wheel tag also misrepresents the shipped platform-specific ELF payload. The Python wrapper performs no auditing or configuration of the binary — its runtime behavior (bind address, rendezvous endpoint, authorized keys, whether it dials out to a preset overlay) is opaque to the caller.

Source: kam193 (8a222abeb680e48d3cffbdeb7f0d6cba713b023d825b2c42c7a849b36b2fe0a5)

The embedded binary starts a relayed SSH-like server using a hardcoded authorized_key. Thanks to using a relay network, the attacked does not need to directly expose ports from the machine.


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-07-proxy-check-i

Reasons (based on the campaign):

  • backdoor

  • The package contains code to execute remote commands (probably limited to a specific set) on the victim's machine.

Database specific
{
    "malicious-packages-origins": [
        {
            "modified_time": "2026-07-14T17:07:55.382887Z",
            "source": "kam193",
            "import_time": "2026-07-14T18:28:30.436093172Z",
            "versions": [
                "0.1.0"
            ],
            "id": "pypi/2026-07-proxy-check-i/proxy-check-ii",
            "sha256": "8a222abeb680e48d3cffbdeb7f0d6cba713b023d825b2c42c7a849b36b2fe0a5"
        },
        {
            "modified_time": "2026-07-14T21:24:15Z",
            "source": "amazon-inspector",
            "import_time": "2026-07-14T21:49:52.858601453Z",
            "id": "IN-MAL-2026-010568",
            "versions": [
                "0.1.0"
            ],
            "sha256": "a736498f3f882a4ba79f793dc893883db41d8cb5a74ecfe0c66dace9cc477a20"
        }
    ]
}
References
Credits

Affected packages

PyPI / proxy-check-ii

Package

Affected ranges

Affected versions

0.*
0.1.0

Database specific

indicators
{
    "package_integrity": [
        {
            "filename": "proxy_check_ii-0.1.0-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
            "hashes": {
                "blake2b_256": "11bfbabde3b5358e6234734f32c279fc505cd883e4fff790130d1fa2aa11e537",
                "md5": "9073606141e11e5a0c1c936bfe2d10b1",
                "sha256": "51de744e1104acbaf1be76b84d5d57703a20ea56f101f1a333f2d311d5e41eef"
            }
        }
    ],
    "evidence_files": [
        {
            "tlsh": "0621c04ad9e21c63d5a5e398d7023c2b036664b33575182abd1f91601f4e0b680b5958",
            "path": "proxy_check_ii-0.1.0.data/purelib/qsshd/launcher.py",
            "sha256": "6b64a3efa390eb5f181d70a6604744c0ffead9d91957e6a2bdd5133eb6080f5c"
        },
        {
            "tlsh": "0ed02b91639071b0b099cad5010c5a61459ad24256ca15d6c9e21fca098922847db030",
            "path": "proxy_check_ii-0.1.0.dist-info/METADATA",
            "sha256": "a28fa63ed45b973e855cf25adc27e35bc0218ae1ac11ec30283fa636e26cf3d2"
        }
    ]
}
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/proxy-check-ii/MAL-2026-10610.json"
cwes
[
    {
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506"
    }
]