MAL-2026-4174
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/durabletask/MAL-2026-4174.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2026-4174
- Published
- 2026-05-19T16:47:48Z
- Modified
- 2026-05-19T22:46:38.885579260Z
- Summary
- Malicious code in durabletask (PyPI)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (78c753d3badef7f806bd71d60c2bb890ccc969a3fb360596e2872ae580d135f8)
Compromised release of Microsoft's Durable Task SDK. Stage-1 dropper in init.py downloads and executes a credential-stealing zipapp from check.git-service.com on Linux at import time.
Source: kam193 (9c23380bb017a417e3f26575c5b96e32fb0bf11dec8314d16f8b979052748049)
Versions 1.4.1, 1.4.2, 1.4.3 were compromised.
During import of compromised versions, the malicious code is downloaded and executed. It exfiltrates all kinds of credentials and sensitive files, including data from secret and password managers, SSH keys, configuration files. Code tries to achieve a persistence via systemd unit.
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-05-compr-durabletask
Reasons (based on the campaign):
files-exfiltration
exfiltration-env-variables
exfiltration-ssh-keys
exfiltration-cloud-tokens
Downloads and executes a remote malicious script.
exfiltration-credentials
persistence
compromised-package
- Database specific
{ "iocs": { "domains": [ "check.git-service.com", "git-service.com", "t.m-kosche.com", "m-kosche.com" ], "urls": [ "https://t.m-kosche.com/rope.pyz", "https://check.git-service.com/rope.pyz", "https://check.git-service.com/api/public/version", "https://check.git-service.com/v1/models" ] }, "malicious-packages-origins": [ { "sha256": "d7cd06c24c677da1e7b5c2f4df3b2d696dfbcf8548357b512ed16c659c4c7b66", "import_time": "2026-05-19T17:50:11.360785891Z", "modified_time": "2026-05-19T16:47:48Z", "versions": [ "1.4.1" ], "source": "amazon-inspector" }, { "sha256": "9c23380bb017a417e3f26575c5b96e32fb0bf11dec8314d16f8b979052748049", "import_time": "2026-05-19T18:43:08.148362157Z", "modified_time": "2026-05-19T18:34:41Z", "versions": [ "1.4.1", "1.4.2", "1.4.3" ], "id": "pypi/2026-05-compr-durabletask/durabletask", "source": "kam193" }, { "sha256": "295bb15ad476455cabcf58b33fa9b8cb1ff65733d648de314703dd119c171741", "modified_time": "2026-05-19T18:34:41Z", "import_time": "2026-05-19T19:37:36.17794506Z", "versions": [ "1.4.1", "1.4.2", "1.4.3" ], "id": "pypi/2026-05-compr-durabletask/durabletask", "source": "kam193" }, { "sha256": "78c753d3badef7f806bd71d60c2bb890ccc969a3fb360596e2872ae580d135f8", "modified_time": "2026-05-19T19:45:00Z", "import_time": "2026-05-19T20:39:30.315949543Z", "versions": [ "1.4.1" ], "id": "IN-MAL-2026-003202", "source": "amazon-inspector" }, { "sha256": "70afb57cbcdb03eb986b0e6d3f0f32c2dfc696ca54ed063ac0c3dad1f323cbd6", "import_time": "2026-05-19T22:31:50.76999664Z", "modified_time": "2026-05-19T18:34:41Z", "versions": [ "1.4.1", "1.4.2", "1.4.3" ], "id": "pypi/2026-05-compr-durabletask/durabletask", "source": "kam193" } ] }- References
-
- https://safedep.io/malicious-durabletask-pypi-supply-chain-attack
- https://bad-packages.kam193.eu/pypi/campaign/2026-05-compr-durabletask
- https://www.upwind.io/feed/newly-discovered-durabletask-malware-targeted-kubernetes-cloud-secrets-and-ci-cd-infrastructure
- https://pypi.org/project/durabletask/1.4.1/
- https://www.aikido.dev/blog/durabletask-package-compromised-mini-shai-hulud
- Credits
-
-
- Amazon Inspector - FINDER
-
- Kamil MaĆkowski (kam193) - ANALYST
-
Affected packages
PyPI / durabletask
Package
- Name
- durabletask
- View open source insights on deps.dev
- Purl
- pkg:pypi/durabletask
Database specific
indicators
{
"domains": [
"check.git-service.com",
"t.m-kosche.com"
],
"ips": [
"160.119.64.3"
],
"evidence_files": [
{
"sha256": "5246e60c2ff10ae058abba14ef5ea22432465ad827ec5f5c5572999411d90b80",
"path": "durabletask/__init__.py"
}
],
"package_integrity": [
{
"hashes": {
"sha256": "7d80b3ef74ad7992b93c31966962612e4e2ceb93e7727cdbd1d2a9af47d44ba8"
},
"filename": "durabletask-1.4.1-py3-none-any.whl"
},
{
"hashes": {
"sha256": "3de04fe2a76262743ed089efa7115f4508619838e77d60b9a1aab8b20d2cc8bf"
},
"filename": "durabletask-1.4.1.tar.gz"
}
],
"second_stage": [
{
"content_type": "application/zip",
"size_bytes": 28703.0,
"sha256": "069ac1dc7f7649b76bc72a11ac700f373804bfd81dab7e561157b703999f44ce",
"url": "https://check.git-service.com/rope.pyz",
"captured_at": "2026-05-19T19:43:50Z",
"observed_capabilities": [
"Multi-cloud credential theft (AWS, GCP, Azure, Kubernetes, HashiCorp Vault)",
"Filesystem secret harvesting (.env, SSH keys, browser credentials, password stores)",
"RSA-OAEP + AES-256-GCM encrypted exfiltration to attacker C2",
"GitHub dead-drop C2 resolution via signed commit messages (FIRESCALE pattern)",
"Stolen GitHub token exfiltration fallback (creates public repos with encrypted data)",
"Systemd persistence as pgsql-monitor.service (root or user-level)",
"Propagation via secondary domain t.m-kosche.com",
"Anti-analysis: Russia locale exclusion, CPU count > 2 requirement"
],
"persistence": {
"binary_path_root": "/usr/bin/pgmonitor.py",
"service_name": "pgsql-monitor.service",
"binary_path_user": "~/.local/bin/pgmonitor.py"
}
}
]
}
cwes
[
{
"description": "The product contains code that appears to be malicious in nature.",
"cweId": "CWE-506",
"name": "Embedded Malicious Code"
}
]
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/durabletask/MAL-2026-4174.json"