MAL-2026-6081

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/disksweep/MAL-2026-6081.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-6081
Published
2026-06-17T21:34:55Z
Modified
2026-06-18T20:31:04.597904981Z
Summary
Malicious code in disksweep (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (5a6449a8f35de848928e7f17d88c87db80e5aee40e8b53c375e07fc7d43cc05e)

On every import of disksweep, the package's top-level src/disksweep/__init__.py (lines 18-24) calls ctypes.CDLL on a 2.9 MB Windows binary (_parser.pyd) shipped inside the wheel. Loading a Windows PE via ctypes.CDLL invokes the DLL's DllMain(DLL_PROCESS_ATTACH) entry point, executing whatever native code the binary contains in the importing process. No Python code in the package ever calls into the DLL — it is loaded purely for its load-time side effects, and any exception is silently swallowed (except: pass). The README explicitly advertises 'Zero dependencies. Nothing to audit.' and the pure-Python scan.py already implements the full scanner functionality, so the binary's presence is unjustified by the advertised feature set. pyproject.toml (lines 87, 90) additionally force-includes a byte-identical copy of the binary under a second name (__parser.pyd, sha256 b1aace6c…f83c3, 2,905,600 bytes) that has no Python reference — a redundancy pattern consistent with AV evasion / fallback loading rather than a legitimate native acceleration library. Any Windows host that runs pip install disksweep followed by import disksweep, or invokes the disksweep/sweep CLI (which imports the package), will execute the opaque native code.

Source: kam193 (3bc79bc0cdfcad5c0e383a83f621365a84be1090e44364974ee8ec2bf1a12942)

During import, the package loads an embedded native extension module. This library hooks on loading, spawns a new system process and likely attempts to inject the encrypted payload into it for further execution (T1055.012). The code uses heavy analysis-evasion techniques. The decrypted payload revealed capabilities to steal all kinds of credentials (browser data, AI tools, env variables, SSH keys, ...), inject code to redirect cryptocurrency transactions, spy-like activities (screenshots, keylogger) and worm-like activities using discovered GitHub tokens to publish malicious code into CI. It establishes persistence in %LOCALAPPDATA%\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe and also attempts to perform lateral movement in Kubernetes and AWS environments.
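As an added illustration (not code from this advisory or from either reporting source), the script below audits a wheel for the loader pattern both source reports describe: a wheel tagged py3-none-any that still ships native binaries, byte-identical copies of one binary under two names, and a ctypes-style library load in an __init__.py wrapped in a bare except/pass. The sample wheel it builds is constructed for the demo; the package name `pkg` and the placeholder bytes are assumptions, not the real package contents.

```python
import ast, hashlib, io, zipfile

NATIVE_EXT = (".pyd", ".dll", ".so", ".dylib")
LOADERS = {"CDLL", "WinDLL", "PyDLL", "OleDLL", "LoadLibrary"}

def loader_calls(src):
    """Yield (line, silenced) for each ctypes-style library load in Python source."""
    tree = ast.parse(src)
    silenced = set()  # lines inside a try whose bare 'except:' only does 'pass'
    for node in ast.walk(tree):
        if isinstance(node, ast.Try):
            for h in node.handlers:
                if h.type is None and all(isinstance(s, ast.Pass) for s in h.body):
                    silenced.update(range(node.lineno, node.end_lineno + 1))
    for node in ast.walk(tree):
        if isinstance(node, ast.Call):
            f = node.func
            name = f.attr if isinstance(f, ast.Attribute) else getattr(f, "id", "")
            if name in LOADERS:
                yield node.lineno, node.lineno in silenced

def audit_wheel(data, filename):
    """Return findings for wheel bytes `data` published under `filename`."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = zf.namelist()
        native = [n for n in names if n.lower().endswith(NATIVE_EXT)]
        if native and filename.endswith("-none-any.whl"):  # "pure Python" wheel tag
            findings.append(f"pure-Python tag but ships native code: {native}")
        by_hash = {}  # same bytes shipped under two names, as in the report
        for n in native:
            by_hash.setdefault(hashlib.sha256(zf.read(n)).hexdigest(), []).append(n)
        findings += [f"byte-identical binaries: {d}" for d in by_hash.values() if len(d) > 1]
        for n in names:
            if n.endswith("__init__.py"):
                for line, quiet in loader_calls(zf.read(n).decode()):
                    findings.append(f"{n}:{line} loads a native library at import "
                                    f"({'errors swallowed' if quiet else 'unguarded'})")
    return findings

def build_sample_wheel():
    """Constructed wheel imitating the reported layout; not the real package."""
    init = "import ctypes, os\ntry:\n    ctypes.CDLL(os.path.join(os.path.dirname(__file__), '_parser.pyd'))\nexcept:\n    pass\n"
    blob = b"MZ" + b"\x00" * 62  # placeholder bytes, not an actual PE
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("pkg/__init__.py", init)
        zf.writestr("pkg/_parser.pyd", blob)
        zf.writestr("pkg/__parser.pyd", blob)
    return buf.getvalue()
```

Running `audit_wheel(build_sample_wheel(), "pkg-1.0.0-py3-none-any.whl")` yields all three findings; a real wheel can be audited the same way by passing its bytes and filename.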


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-06-syncagents

Reasons (based on the campaign):

  • native-extension

  • infostealer

  • worm

  • exfiltration-crypto

  • exfiltration-credentials

  • uses-telegram-bot

  • keylogger

  • clipboard-stealing

  • exfiltration-ssh-keys

  • The package contains code to detect if it is running in a sandbox environment.

  • obfuscation

  • exfiltration-browser-data

  • exfiltration-env-variables

  • persistence

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "3bc79bc0cdfcad5c0e383a83f621365a84be1090e44364974ee8ec2bf1a12942",
            "source": "kam193",
            "modified_time": "2026-06-17T21:34:55.578581Z",
            "id": "pypi/2026-06-syncagents/disksweep",
            "versions": [
                "1.0.0"
            ],
            "import_time": "2026-06-17T21:42:20.128411569Z"
        },
        {
            "sha256": "5a6449a8f35de848928e7f17d88c87db80e5aee40e8b53c375e07fc7d43cc05e",
            "source": "amazon-inspector",
            "modified_time": "2026-06-18T19:37:04Z",
            "id": "IN-MAL-2026-007035",
            "versions": [
                "1.0.0"
            ],
            "import_time": "2026-06-18T20:19:42.506017374Z"
        }
    ]
}
References
Credits

Affected packages

Package            Affected ranges    Affected versions
PyPI / disksweep   1.*                1.0.0

Database specific

cwes
[
    {
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506"
    }
]
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/disksweep/MAL-2026-6081.json"
indicators
{
    "evidence_files": [
        {
            "sha256": "48908f78831e512520fdb1773c1ba73d6509ed28c8137e14394263ed2e89a058",
            "tlsh": "aef0a31148740922d09ec3ce5474ccf00b3124e35d25587c7b991538af9dbcdb7d566d",
            "path": "src/disksweep/__init__.py"
        },
        {
            "sha256": "248dbd1707c3cc66b41e64dd92de313d79d80560a93636f6b27e6ae1d884cff4",
            "tlsh": "ae51fe7bc8d40d7c5660b05a64388804f865478f6394645b31b8418d0f7e6aec2ff4b5",
            "path": "pyproject.toml"
        }
    ],
    "package_integrity": [
        {
            "hashes": {
                "sha256": "8b9e396e2c4e48e5d73300595ebb621c1bd667549ce21d46e90c4715bb694a42",
                "blake2b_256": "18e10b284c14ad17d9f14a6e142eab103f1be71a5e057d9ed638c29735ecb8c6",
                "md5": "4fc293cac03993d408756e4eb792df2a"
            },
            "filename": "disksweep-1.0.0-py3-none-any.whl"
        },
        {
            "hashes": {
                "sha256": "520ea669f80215e41142709cc62ff8cc184810f7ca1bda646fff89fc42262ffa",
                "blake2b_256": "ca1a7bb5c1fb1ccf4dcea0e00456c36f7339e236ed229628d717de36a6553e90",
                "md5": "13c895e6fa82efee10a19394b4fb47f6"
            },
            "filename": "disksweep-1.0.0.tar.gz"
        }
    ]
}