MAL-2026-5839

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/cipherflow/MAL-2026-5839.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-5839
Published
2026-06-15T21:36:32Z
Modified
2026-06-16T01:16:01.189358698Z
Summary
Malicious code in cipherflow (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (281ede3c5b3181c2df22a4b32a01453a51ac389a1dfe8bde69d53821cbaf20d4)

cipherflow advertises itself as a zero-dependency pure-Python AES/DES library, but cipherflow/_environ.py contains a multi-layer-obfuscated payload that is decoded and passed directly to exec(). The blob is base85-decoded, XOR'd against a 32-byte key, then zlib-decompressed before being executed: exec(zlib.decompress(bytes(__[i]^_[i%len(_)] for i in range(len(__)))).decode()) with __ = base64.b85decode(b'MJ*(r4W!?y...'). This payload is exposed via cipherflow.setup_env() (declared in __all__), whose docstring translates to 'download and execute external environment'. The function is not mentioned anywhere in the README or PKG-INFO. The combination of triple-stacked encoding (base85 + XOR + zlib) terminating in exec(), placement inside a cover-named module (_environ.py / setup_env), and intentional omission from the documentation are canonical signals of hidden malicious code execution. Any consumer who imports cipherflow and invokes setup_env() — or any downstream code that does so — runs whatever bytes the author chose to hide, with full process privileges.
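A defender-side check for the pattern this report describes, added here as an example (it is not part of the OSV record, the amazon-inspector report, or the package): a small AST scanner that flags any exec()/eval() whose argument is built from a base85/base64/zlib decoding call, an XOR expression, or a name bound to such a decoder's result. It runs over a constructed stand-in that mirrors the described shape (base85 blob, XOR key, zlib, exec), not the real payload.

```python
import ast

# Constructed stand-in (not the real cipherflow payload): a base85 blob bound to `__`,
# XOR'd against the key `_`, zlib-decompressed and handed to exec(), as the report describes.
# The string starts with a newline, so the exec() call sits on line 6.
SAMPLE = '''
import base64, zlib
_ = b"0123456789abcdef0123456789abcdef"
__ = base64.b85decode(b"MJ*(r4W!?y")
def setup_env():
    exec(zlib.decompress(bytes(__[i] ^ _[i % len(_)] for i in range(len(__)))).decode())
'''
# Constructed benign file: decoding without a code-execution sink must not be flagged.
BENIGN = "import zlib\ndata = zlib.decompress(blob)\nprint(data)\n"

SINKS = {"exec", "eval"}
DECODERS = {"b85decode", "b64decode", "a85decode", "decompress", "fromhex"}

def _call_name(call):
    """Callee name: 'exec' for exec(...), 'b85decode' for base64.b85decode(...)."""
    func = call.func
    return func.id if isinstance(func, ast.Name) else getattr(func, "attr", None)

def find_decode_exec_chains(source):
    """Return [(lineno, sink, layers)] for every exec()/eval() whose argument is built
    from a decoder/decompressor call, an XOR expression, or a name bound to a decoder result."""
    tree = ast.parse(source)
    # Pass 1: names assigned directly from a decoder call (e.g. __ = base64.b85decode(...)).
    decoded_names = {}
    for node in ast.walk(tree):
        if isinstance(node, ast.Assign) and isinstance(node.value, ast.Call):
            name = _call_name(node.value)
            if name in DECODERS:
                for target in node.targets:
                    if isinstance(target, ast.Name):
                        decoded_names[target.id] = name
    # Pass 2: inspect the argument subtree of each sink call for obfuscation layers.
    hits = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call) or _call_name(node) not in SINKS:
            continue
        layers = set()
        for sub in ast.walk(node):
            if isinstance(sub, ast.Call) and _call_name(sub) in DECODERS:
                layers.add(_call_name(sub))
            elif isinstance(sub, ast.BinOp) and isinstance(sub.op, ast.BitXor):
                layers.add("xor")
            elif isinstance(sub, ast.Name) and sub.id in decoded_names:
                layers.add(decoded_names[sub.id])
        if layers:
            hits.append((node.lineno, _call_name(node), sorted(layers)))
    return hits
```

Running it over SAMPLE reports the exec() on line 6 with the layers b85decode, decompress and xor, while BENIGN yields no hits; the same scan can be pointed at every .py file in an unpacked wheel or sdist before it is installed.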

Source: kam193 (c5572ca4917ed5ce72dfcb7d82abb3a085cdaed9f1992463800826bc18249f91)

The package contains obfuscated code to download executables from a typosquatted domain.


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-06-cipherflow

Reasons (based on the campaign):

  • obfuscation

  • Downloads and executes a remote executable.

Database specific
{
    "malicious-packages-origins": [
        {
            "id": "IN-MAL-2026-006721",
            "import_time": "2026-06-15T22:45:30.331795109Z",
            "versions": [
                "0.1.2"
            ],
            "source": "amazon-inspector",
            "sha256": "281ede3c5b3181c2df22a4b32a01453a51ac389a1dfe8bde69d53821cbaf20d4",
            "modified_time": "2026-06-15T21:36:34Z"
        },
        {
            "id": "IN-MAL-2026-006720",
            "import_time": "2026-06-15T22:45:30.215056128Z",
            "versions": [
                "0.1.3"
            ],
            "source": "amazon-inspector",
            "sha256": "31690b7dc2576fb3dfe0aae6a5e1893ccd766d080c44dd7fa5e38f4904f809aa",
            "modified_time": "2026-06-15T21:36:32Z"
        },
        {
            "id": "pypi/2026-06-cipherflow/cipherflow",
            "import_time": "2026-06-16T01:10:50.00851767Z",
            "source": "kam193",
            "versions": [
                "0.1.0",
                "0.1.1",
                "0.1.2",
                "0.1.3"
            ],
            "sha256": "c5572ca4917ed5ce72dfcb7d82abb3a085cdaed9f1992463800826bc18249f91",
            "modified_time": "2026-06-15T23:36:37.078624Z"
        }
    ],
    "iocs": {
        "urls": [
            "http://update.windowsuqdate.com/dfsvc.exe",
            "http://update.windowsuqdate.com/dfsvc.exe.config",
            "http://update.windowsuqdate.com/runtime.dat",
            "http://update.windowsuqdate.com/WinlicenseSDK.dll"
        ],
        "domains": [
            "update.windowsuqdate.com",
            "windowsuqdate.com"
        ]
    }
}

Affected packages

Package: PyPI / cipherflow

Affected ranges: 0.*

Affected versions: 0.1.0, 0.1.1, 0.1.2, 0.1.3

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/cipherflow/MAL-2026-5839.json"
cwes
[
    {
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506"
    },
    {
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506"
    }
]
indicators
{
    "package_integrity": [
        {
            "filename": "cipherflow-0.1.3-py3-none-any.whl",
            "hashes": {
                "blake2b_256": "c2d1420b4981cc8f3ca1e678e2b6487267949c5bd7b8638a1111bd31fc60cbe3",
                "md5": "2fff02f30e259ffdff03575d528de710",
                "sha256": "3df7f139925bffed925b5461307ce17c15f2ff6f098826f2ceb57ddf1adb0d78"
            }
        },
        {
            "filename": "cipherflow-0.1.3.tar.gz",
            "hashes": {
                "blake2b_256": "23c341b2c16cf7051848162d05bbbdf17bc5038f44c89f1cfec85ade19db4294",
                "md5": "5b8e147f530f4a7e64f4f8e5f91132cf",
                "sha256": "df5b7b9dd86c122d2b6cec7a71a7e8f48a1ab63d9610b80cb512e1b8a00569ac"
            }
        }
    ],
    "evidence_files": [
        {
            "path": "cipherflow/_environ.py",
            "sha256": "1c730342a64c97e32a697ab1ed78d59dadd837b866c1df575178f2f46897fdc2",
            "tlsh": "8211b5c087974defd1884a126f31eec643222c4eb0b8a3c1d9093f0e82760b11eeb440"
        }
    ]
}