MAL-2026-5345

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/dstill/MAL-2026-5345.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-5345
Published
2026-06-09T10:15:49Z
Modified
2026-06-11T01:31:30.533321891Z
Summary
Malicious code in dstill (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (698645f1cbbe41dbe7b65f3cf373ed38f59cb59ca9cc0bb25bd9d175114f1762)

On import spaysdata, init.py invokes mainentry() which executes a multi-stage Windows infostealer with no relation to the package's advertised purpose (a 'Roblox DataStore' library). Behaviors: (1) reads %USERPROFILE%\AppData\Local\Roblox\LocalStorage\robloxcookies.dat, decrypts via CryptUnprotectData, and POSTs the plaintext cookies to a hardcoded Discord webhook (discord.com/api/webhooks/1513807955340820602/...) and a Google Apps Script endpoint (script.google.com/macros/s/AKfycbwa8sLEdsGleFVecuc.../exec); (2) kills Discord processes via taskkill /f /im Discord.exe, then enumerates Discord/Discord Canary/PTB/Lightcord and ~20 Chromium browsers (Chrome, Edge, Brave, Yandex, Opera, Vivaldi,...) plus Firefox profiles, AES-GCM-decrypts tokens with each browser's DPAPI master key, validates them against the Discord API, and exfiltrates working tokens to the same endpoints; (3) installs persistence by copying itself to %LOCALAPPDATA%\MicrosoftSecurityWorker\WindowsSecurity.{pyw,exe}, registers that directory as a Windows Defender ExclusionPath via PowerShell Add-MpPreference, and creates a schtasks /sc onlogon /rl highest task named 'WindowsSecurityUpdate' to run at every logon. The Microsoft-lookalike paths/names are explicit AV evasion. Russian/Ukrainian comments in the source acknowledge the stealth and anti-AV intent. The pyproject description in Russian ('Библиотека для работы с DataStore в Roblox') is a lure targeting Roblox developers.

Source: kam193 (09fdc0fbdc8b1ba29a63f2807ec9c9af6dd1079a5ac6fa99c88b54df9bd22a0b)

The package exfiltrates Roblox cookies from the victim machine.


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-06-spaysrbdata

Reasons (based on the campaign):

  • infostealer
Database specific
{
    "malicious-packages-origins": [
        {
            "versions": [
                "0.3.0"
            ],
            "id": "pypi/2026-06-spaysrbdata/dstill",
            "modified_time": "2026-06-09T10:15:49.782378Z",
            "sha256": "09fdc0fbdc8b1ba29a63f2807ec9c9af6dd1079a5ac6fa99c88b54df9bd22a0b",
            "import_time": "2026-06-09T10:41:59.930161705Z",
            "source": "kam193"
        },
        {
            "versions": [
                "0.3.0"
            ],
            "id": "IN-MAL-2026-005343",
            "import_time": "2026-06-11T01:21:50.613265409Z",
            "sha256": "698645f1cbbe41dbe7b65f3cf373ed38f59cb59ca9cc0bb25bd9d175114f1762",
            "modified_time": "2026-06-11T00:21:06Z",
            "source": "amazon-inspector"
        }
    ],
    "iocs": {
        "urls": [
            "https://script.google.com/macros/s/AKfycbwa8sLEdsG_leFVecuc_dFrZ_h5JnZKrWxXWazK1T6DoKGAGG5OJ9rznwYXg2PS-h1d/exec",
            "https://discord.com/api/webhooks/1513807955340820602/-UbLOjMGWIop17hrvQ7XsrZkJBJaNlMTueX7xnsJ9hz6DKaBgSe_Ur2FIgSJMHlusBwx"
        ]
    }
}
References
Credits

Affected packages

PyPI / dstill

Package

Affected ranges

Affected versions

0.*
0.3.0

Database specific

indicators
{
    "evidence_files": [
        {
            "sha256": "8d609f7ccd0e47fe743299781b79230d96f8944fcba58b24d14950a113ca5908",
            "tlsh": "34527546ec4e041a9236914de856e94cfa6702ab767113033afca7b83f75031d3792ee",
            "path": "spaysdata/main.py"
        },
        {
            "tlsh": "4df0dd73dd796c3091b4708696608a08fea1707a36d400fa32dab1ed15aa350cfac63c",
            "sha256": "4ec8516ee89dee5e8ad3573a8c5373c88d19d6708914393403d02717fc2d68ab",
            "path": "pyproject.toml"
        }
    ],
    "package_integrity": [
        {
            "filename": "dstill-0.3.0-py3-none-any.whl",
            "hashes": {
                "sha256": "463ee054c7779369155784fa38cc3ae22a175976c781faa84b0f4f93d1f54f7c",
                "md5": "f88915195f6f180c75fc4e4e2b2199a6",
                "blake2b_256": "a8e5a2c2248cd9b43dbd71e4fd196a8595a6f81e6b51097f0dc04da79d2f8e25"
            }
        },
        {
            "filename": "dstill-0.3.0.tar.gz",
            "hashes": {
                "md5": "2d95893193bdb53f79e4db64585985f8",
                "sha256": "3264b438b7f827125ecab00a5ab0656af7e6ffc0e6acb5bd384b1bd01ef3953b",
                "blake2b_256": "49d49f29d6f84954f1407505eafa69b2affe7e0ee01241be0081edb0c23d6f4a"
            }
        }
    ]
}
cwes
[
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    }
]
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/dstill/MAL-2026-5345.json"