MAL-2026-5338

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/solana-web3-py/MAL-2026-5338.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-5338
Published
2026-06-08T22:22:20Z
Modified
2026-06-14T23:45:54.618546710Z
Summary
Malicious code in solana-web3-py (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (af1a2f1a7c7e3bddb9c8d2fcb8a4c86a6755763c94b95b1eddb81f382318c432)

Malicious typosquat impersonating the legitimate Solana Python SDK (solana / solana-py) and the JS @solana/web3.js. The package ships no SDK functionality; the only behavior is credential theft. On import, __init__.py reads installer secrets including ~/.ssh/id_rsa, ~/.ssh/id_ed25519, ~/.aws/credentials, ~/.config/solana/id.json, ~/.solana/id.json, and .env files at ./, ../, /app/, /root/, and scrapes environment variables matching KEY/SECRET/MNEMONIC/PRIVATE/TOKEN/PASSWORD/AWS/NPM/GITHUB/SOLANA. The collected payload is POSTed to a hardcoded Telegram bot (api.telegram.org sendMessage with bot token 8870595195:... and chat_id 8346336575). On non-Windows hosts, _persist() writes /tmp/.psync containing a "@reboot sleep 90 && python3 <init>" cron line and registers it via "crontab -", ensuring the credential dropper re-runs on every reboot even after the package is uninstalled. The Solana wallet key path (~/.config/solana/id.json) is explicitly targeted, confirming a wallet-theft motive.
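Added here as a defender-side host check; this is not part of the advisory or the OSV record. It parses the current user's crontab for the "@reboot sleep N && python3 <path>" launcher shape described above and checks for the /tmp/.psync staging file; the package directory names, the sample crontab text and the paths in it are assumptions constructed for the example.

```python
import os
import re
import subprocess

# Indicators taken from the advisory text: the staged cron file and the
# shape of the @reboot line the dropper registers with 'crontab -'.
STAGING_FILE = "/tmp/.psync"
REBOOT_LINE = re.compile(r"^@reboot\s+sleep\s+\d+\s+&&\s+python3\s+(\S+)",
                         re.MULTILINE)

def find_reboot_python_entries(crontab_text):
    """Return script paths from '@reboot sleep N && python3 <path>' lines."""
    return REBOOT_LINE.findall(crontab_text)

def classify_entries(paths, package_dirs=("solana-web3-py", "solana_web3_py")):
    """Direct hits name the typosquat package (directory names assumed from the
    evidence paths); any other @reboot python3 launcher that lives inside
    site-packages is flagged for manual review."""
    hits, review = [], []
    for path in paths:
        if any(d in path for d in package_dirs):
            hits.append(path)
        elif "site-packages" in path:
            review.append(path)
    return hits, review

def read_user_crontab():
    """'crontab -l' output for the current user; empty when none is installed."""
    try:
        result = subprocess.run(["crontab", "-l"], capture_output=True, text=True)
    except FileNotFoundError:  # no cron binary on this host
        return ""
    return result.stdout if result.returncode == 0 else ""

def scan(crontab_text=None, staging_exists=None):
    """Combine both indicators; the arguments let a captured crontab be scanned offline."""
    text = read_user_crontab() if crontab_text is None else crontab_text
    staged = os.path.exists(STAGING_FILE) if staging_exists is None else staging_exists
    hits, review = classify_entries(find_reboot_python_entries(text))
    return {"staging_file": staged, "package_hits": hits, "review": review}

# Constructed crontab output for a dry run: two benign lines, then one in the
# shape the advisory describes (the venv path is invented for the example).
SAMPLE_CRONTAB = """\
0 3 * * * /usr/local/bin/backup.sh
@reboot /usr/bin/ntpdate pool.ntp.org
@reboot sleep 90 && python3 /home/dev/venv/lib/python3.12/site-packages/solana-web3-py/__init__.py
"""

if __name__ == "__main__":
    print("dry run:", scan(SAMPLE_CRONTAB, staging_exists=False))
    print("this host:", scan())
```

Run it once per user account that may have installed the package, since each user has a separate crontab; a hit means removing the cron line as well as the package, because uninstalling alone leaves the @reboot entry in place.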

Source: kam193 (6945b0bfcf3be9438852411527a75d1275367ca7a34ea4a28793e6e0c6258ccb)

During import, the package exfiltrates sensitive data (credentials, SSH keys, crypto wallet data). It also establishes persistence via a cronjob.


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-06-spl-token-py

Reasons (based on the campaign):

  • crypto-related

  • typosquatting

  • exfiltration-ssh-keys

  • exfiltration-credentials

  • exfiltration-crypto

  • exfiltration-env-variables

  • persistence

  • uses-telegram-bot

  • The package contains code to detect if it is running in a sandbox environment.

Database specific
{
    "malicious-packages-origins": [
        {
            "versions": [
                "1.0.0"
            ],
            "sha256": "6945b0bfcf3be9438852411527a75d1275367ca7a34ea4a28793e6e0c6258ccb",
            "modified_time": "2026-06-08T22:22:20.727253Z",
            "source": "kam193",
            "import_time": "2026-06-08T23:01:22.270168364Z",
            "id": "pypi/2026-06-spl-token-py/solana-web3-py"
        },
        {
            "versions": [
                "1.0.0"
            ],
            "sha256": "af1a2f1a7c7e3bddb9c8d2fcb8a4c86a6755763c94b95b1eddb81f382318c432",
            "modified_time": "2026-06-11T02:58:06Z",
            "source": "amazon-inspector",
            "id": "IN-MAL-2026-005417",
            "import_time": "2026-06-11T03:48:48.67450677Z"
        },
        {
            "versions": [
                "1.0.0"
            ],
            "sha256": "1f72c1dc1aed115ba88633a78b3565ae78ca5bd0e62b5ffa0f022404e5cba976",
            "modified_time": "2026-06-08T22:22:20.727253Z",
            "source": "kam193",
            "id": "pypi/2026-06-spl-token-py/solana-web3-py",
            "import_time": "2026-06-14T23:32:25.821887797Z"
        }
    ]
}
References
Credits

Affected packages

Package: PyPI / solana-web3-py
Affected ranges: 1.*
Affected versions: 1.0.0

Database specific

indicators
{
    "package_integrity": [
        {
            "filename": "solana_web3_py-1.0.0-py3-none-any.whl",
            "hashes": {
                "sha256": "dcc28b4d367d98287bc902e536c3540272e4c5da1bdcc089704f2178fa8b2eb1",
                "md5": "f5cb229a42c0244ab09804834a026828",
                "blake2b_256": "a1a6e65809c92feeda05a36ef7910c468606d00cf68ee2e06661a9903511b46f"
            }
        }
    ],
    "evidence_files": [
        {
            "sha256": "96f8547a8b1ef16709dab07b25ab278bd2a547fa1ca956ffff0eb19269cb0f44",
            "path": "solana-web3-py/__init__.py",
            "tlsh": "d05195c135560829e086aa9f1c1580d4238fbf5308339ab8baddb780cfc45b89a75b9c"
        },
        {
            "sha256": "258195044df2950e02b51e878cb611c85819705ad7b34d8fcfa64c0d9ea0a7ba",
            "path": "solana_web3_py-1.0.0.dist-info/METADATA",
            "tlsh": "a8d05e400be18523f18682cf1aad43d61ee29600644e28abcc09344883a22e2afa6976"
        }
    ]
}
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/solana-web3-py/MAL-2026-5338.json"
cwes
[
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506"
    }
]