MAL-2026-10672

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/northstart-sdk/MAL-2026-10672.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-10672
Published
2026-07-15T10:15:13Z
Modified
2026-07-15T11:49:26.323598148Z
Summary
Malicious code in northstart-sdk (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (aa58bcfb4f89faf624c1f99bb552e597cc2e061330a2e98e72e6f401bb70b4f9)

The pypi package northstart-sdk 0.2.1 executes attacker-controlled code as a side effect of import northstart_sdk. The top-level __init__.py assigns AUTO_DEMO_RESULTS = _run_bundled_encrypted_demos(), which fetches 8 bytes from a hardcoded Yuque CDN PNG (https://cdn.nlark.com/yuque/0/2026/png/12727464/...png), uses them as PBKDF2-HMAC-SHA256 key material (with a static PNG-signature fallback so the shipped ciphertext is decryptable offline), decrypts JSON blobs under src/northstart_sdk/_encrypted_demos/, and passes the decrypted bytes to compile() and exec() via _execute_source. The bespoke crypto + remote-key-fetch construction serves only to keep the exec'd payload out of source review. The plaintext progenitor of that payload is shipped in the same tree at encry/whats.ak: length-prefixed framed socket I/O (s.sendall(struct.pack('>I', len(enc))), matching s.recv framing), XOR/AES-GCM/ChaCha20/Fernet routines, RSA-OAEP key exchange, and an auth-message builder that transmits user/password/id fields to a remote peer, with function names obfuscated and misleading # API endpoint handler / # Health check endpoint comments. Importing the package launches a remote-controlled agent that opens an encrypted framed connection to an operator-controlled socket.

Source: kam193 (3d6810f5c57750ef71c1a2ee0bc6516a3ba537caf263d8002cdd016623052d5a)

The package contains encrypted and obfuscated code that starts a custom reverse shell/command execution during module import.


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-07-northstart-sdk

Reasons (based on the campaign):

  • targetted-attack

  • The package contains code to create a reverse shell, allowing an attacker to execute any commands on the victim's machine.

  • obfuscation

Database specific
{
    "iocs": {
        "urls": [
            "https://cdn.nlark.com/yuque/0/2026/png/12727464/1778740736364-99396a4c-917b-45a7-badd-0370f3adb537.png",
            "https://cdn.nlark.com/yuque/0/2026/png/12727464/"
        ],
        "ips": [
            "120.26.37.185"
        ]
    },
    "malicious-packages-origins": [
        {
            "id": "pypi/2026-07-northstart-sdk/northstart-sdk",
            "source": "kam193",
            "import_time": "2026-07-15T10:37:00.135512944Z",
            "sha256": "3d6810f5c57750ef71c1a2ee0bc6516a3ba537caf263d8002cdd016623052d5a",
            "versions": [
                "0.1.0",
                "0.2.0",
                "0.2.1",
                "0.2.2"
            ],
            "modified_time": "2026-07-15T10:15:13.435134Z"
        },
        {
            "id": "IN-MAL-2026-010672",
            "source": "amazon-inspector",
            "import_time": "2026-07-15T11:33:39.95529114Z",
            "sha256": "17f68f661bf453ef576588ba4df616591d1006309a8690a3cd3c47150b5bfe6a",
            "versions": [
                "0.2.2"
            ],
            "modified_time": "2026-07-15T10:43:53Z"
        },
        {
            "source": "amazon-inspector",
            "id": "IN-MAL-2026-010673",
            "import_time": "2026-07-15T11:33:40.018306032Z",
            "sha256": "4f1d190be28e928760964e5bb40bba73dcbf5fca4a61ed9907ed7f7757fb1c56",
            "versions": [
                "0.2.0"
            ],
            "modified_time": "2026-07-15T10:48:39Z"
        },
        {
            "source": "amazon-inspector",
            "id": "IN-MAL-2026-010674",
            "import_time": "2026-07-15T11:33:40.089700113Z",
            "sha256": "aa58bcfb4f89faf624c1f99bb552e597cc2e061330a2e98e72e6f401bb70b4f9",
            "versions": [
                "0.2.1"
            ],
            "modified_time": "2026-07-15T10:48:47Z"
        },
        {
            "id": "pypi/2026-07-northstart-sdk/northstart-sdk",
            "source": "kam193",
            "import_time": "2026-07-15T11:33:42.235207778Z",
            "sha256": "b49df58ce8826ab92fdcbc7127dd1d173c132b94d3a49dc4bfe3cb2b5a9b2e01",
            "versions": [
                "0.1.0",
                "0.2.0",
                "0.2.1",
                "0.2.2"
            ],
            "modified_time": "2026-07-15T10:15:13.435134Z"
        }
    ]
}
References
Credits

Affected packages

PyPI / northstart-sdk

Package

Affected ranges

Affected versions

0.*
0.1.0
0.2.0
0.2.1
0.2.2

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/northstart-sdk/MAL-2026-10672.json"
cwes
[
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature."
    }
]
indicators
{
    "package_integrity": [
        {
            "filename": "northstart_sdk-0.2.2-py3-none-any.whl",
            "hashes": {
                "blake2b_256": "82933c32a22eca131c1fb4771fea8b5f2ff928a44677a7c3803b74c640092b53",
                "md5": "826450e77256257b2a29fd3bf4ca1e49",
                "sha256": "60f31106feb0e8366cf945345a4c37d6bbf6c7e7ad2c2b75ecdf1dbbbc29cc51"
            }
        },
        {
            "filename": "northstart_sdk-0.2.2.tar.gz",
            "hashes": {
                "blake2b_256": "fc8c1a69b0c1371eddf4d62fbe79bb03dc5dfc3fee0bc704af01d6310fa90e26",
                "md5": "1f9e9796505cbd3d8016b71865353d5f",
                "sha256": "238e37d3026af47e71ff9b731cce1b4ce74e16ce7566a939ccec526137fd8222"
            }
        }
    ],
    "evidence_files": [
        {
            "path": "src/northstart_sdk/encrypted_demo.py",
            "sha256": "f710dfa9e0058194776ab1156769cd47244e903f34f88288d7106d0521398fcb",
            "tlsh": "28f16497dd224c92d743c0ea5c31e5426371aa0742001374bbdceb597fdfa7ac2729aa"
        }
    ]
}