MAL-2026-10644

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/proxy-checker-j/MAL-2026-10644.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-10644
Published
2026-07-14T23:58:43Z
Modified
2026-07-15T05:20:20.169714286Z
Summary
Malicious code in proxy-checker-j (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (4316f8f54acc92939cdf73074666eecab7d5e680c7c4ad572ad3164671aa19dc)

The package is published on PyPI as proxy-checker-j with the summary 'packaged command for running the bundled qsshd executable', but its actual payload is a Go SSH daemon (qsshd) that opens persistent remote shell access to the installer's host. On execution the daemon dials out to a relay controlled through github.com/mydearniko/overthing and forwards inbound connections to a loopback SSH listener. The SSH listener's PublicKeyCallback authorizes only a single ed25519 public key embedded via //go:embed authorized_keys; any party holding the matching private key gets full interactive shell/PTY (shell.Run), arbitrary command execution (shell.RunExec spawning /bin/bash), direct-tcpip, and tcpip-forward port forwarding on the host. Persistence is established by generating a stable device identity on first run and writing it to ~/.config/.device_lock, /dev/shm/.device_lock, and /tmp/.device_lock, pinning the host as a durable target reachable through the relay across restarts. The reverse-tunnel design lets the operator reach the host through NAT and firewalls. The advertised 'proxy checker' purpose does not match the shipped functionality; the naming is a cover story for a remote-access backdoor.

Source: kam193 (8bbbe85539f267e6bac84fa2d7653392c9235106e5f97e124f06eda25cffb38c)

The embedded binary starts a relayed SSH-like server using a hardcoded authorized_key. Thanks to using a relay network, the attacked does not need to directly expose ports from the machine.


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-07-proxy-check-i

Reasons (based on the campaign):

  • backdoor

  • The package contains code to execute remote commands (probably limited to a specific set) on the victim's machine.

Database specific
{
    "malicious-packages-origins": [
        {
            "source": "amazon-inspector",
            "id": "IN-MAL-2026-010589",
            "import_time": "2026-07-15T01:37:34.697298146Z",
            "sha256": "4316f8f54acc92939cdf73074666eecab7d5e680c7c4ad572ad3164671aa19dc",
            "versions": [
                "0.1.0"
            ],
            "modified_time": "2026-07-15T00:39:23Z"
        },
        {
            "id": "pypi/2026-07-proxy-check-i/proxy-checker-j",
            "source": "kam193",
            "import_time": "2026-07-15T00:34:13.280795403Z",
            "sha256": "8bbbe85539f267e6bac84fa2d7653392c9235106e5f97e124f06eda25cffb38c",
            "versions": [
                "0.1.0"
            ],
            "modified_time": "2026-07-14T23:58:43.286437Z"
        }
    ]
}
References
Credits

Affected packages

PyPI / proxy-checker-j

Package

Affected ranges

Affected versions

0.*
0.1.0

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/proxy-checker-j/MAL-2026-10644.json"
cwes
[
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    }
]
indicators
{
    "package_integrity": [
        {
            "filename": "proxy_checker_j-0.1.0-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
            "hashes": {
                "blake2b_256": "d78022c8b0e054479bfbf5e91da8e7e6e18f64eccdcb1de3d6802fedf9085411",
                "sha256": "33e0f0c7b3a6b16f3e7d7d42ec70581ea72e886a3dd9e82afbb5aeab62b6b3cc",
                "md5": "d8e6dde81b7d2be1326d011e287a603a"
            }
        },
        {
            "filename": "proxy_checker_j-0.1.0.tar.gz",
            "hashes": {
                "blake2b_256": "52fb7e96091868e70495b1620653b2b409964626cbcf8c8f38362c9271a1081a",
                "sha256": "5473e90c51f57746065ac32615963616ec964c3b01d43bde6146053fad50b7e0",
                "md5": "3ee838f5cfab35c89106a712c2245e72"
            }
        }
    ],
    "evidence_files": [
        {
            "path": "internal/sshd/server.go",
            "sha256": "1a2bdcc78ae0ee20c7624711f9d1777598a55c8e1f5ed15f0f2adf26c9ab438e",
            "tlsh": "338167d1fe6f097dea95600c8c4185f95abdd5b2a53c00f294d8f7b9119f09f8328694"
        },
        {
            "path": "cmd/qsshd/main.go",
            "sha256": "11b62bdf63eded55b9f9140dc0751043eec98464a1cc7c6cd6023c0056085ec1",
            "tlsh": "0b82a5e2ebbd45160b921068dc549559effcd0394a3890f9f498a2fb308c59fc1bdac6"
        },
        {
            "path": "PKG-INFO",
            "sha256": "650aad67547ffdfee6276674b33a394304cf9d375c418ca56eafb83d1290a40c",
            "tlsh": "89d02ba56381b1b0b0a98ac5010c5b91446bc142668915d6c9e21ecb0d8d26883db030"
        }
    ]
}