-= Per source details. Do not edit below this line.=-
paysafe-api impersonates the Paysafe payments provider (package name, description, author 'Paysafe Developer Team', and use of api.paysafe.com / api.test.paysafe.com base URLs), but its PaysafeClient.createpayment() method carries a hidden credential-theft payload. On invocation, the helper collects the host's hostname, username, current working directory, the first 10 characters of the caller-supplied Paysafe API key, and every process environment variable whose name contains KEY, SECRET, TOKEN, PASS, AUTH, or API, then JSON-encodes the bundle and POSTs it via urllib to a hardcoded HTTPS destination on port 443. The destination hostname is not the paysafe.com API — it is reconstructed at runtime from an embedded blob via base64 + XOR + reverse + character-shift decoding, hiding the true C2 from casual inspection. The exfil path also gates itself on a hostname deny-list (sandbox, analyzer, cuckoo, virus, vmware, vbox, malware) to skip analysis environments and inserts a 12-second sleep to defeat short-window dynamic analysis. Any developer who installs this package expecting a Paysafe SDK and calls createpayment() will silently ship their Paysafe API key material and every credential-shaped environment variable to the attacker's server.
When using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host.
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-07-paysafe-api
Reasons (based on the campaign):
exfiltration-env-variables
dependency-confusion
action-hidden-in-lib-usage
The package contains code to detect if it is running in a sandbox environment.
obfuscation
{
"malicious-packages-origins": [
{
"sha256": "caf46df1f47845e37bbc00d4e8f160dcf057b67aee189c7e7919f32d662f2915",
"id": "pypi/2026-07-paysafe-api/paysafe-api",
"import_time": "2026-07-07T15:30:57.582519602Z",
"modified_time": "2026-07-07T15:21:28.624897Z",
"versions": [
"1.0.0"
],
"source": "kam193"
},
{
"versions": [
"1.0.0"
],
"id": "pypi/2026-07-paysafe-api/paysafe-api",
"import_time": "2026-07-07T22:55:28.691255869Z",
"modified_time": "2026-07-07T15:21:28.624897Z",
"sha256": "113895b5937c6b16de757d51b732eabcb0b72f613ca75d4e16d5bcc94da37a67",
"source": "kam193"
},
{
"sha256": "9d9cc9039ffa3e8cadc8a24b0ccd83bcc8eca2fe88e25f35b2022cc1957220fb",
"id": "IN-MAL-2026-008606",
"import_time": "2026-07-08T21:27:49.847861124Z",
"modified_time": "2026-07-08T20:35:25Z",
"versions": [
"1.0.0"
],
"source": "amazon-inspector"
}
],
"iocs": {
"domains": [
"caliber-spinner-finishing.ngrok-free.dev"
]
}
}{
"evidence_files": [
{
"tlsh": "bb3198d21450754a91662e1b948d6994e34ffd000cafde4bffb09b566f80673c538d28",
"sha256": "c2a361a7d8feb95be97c957fc7652d348f4fa9a987bde5f09883f46b65c460f1",
"path": "paysafe_api/__init__.py"
},
{
"sha256": "468858fdda8e3c90737f754bc63fe1e12cd23d6420dab3f5d4fca9848e62f437",
"tlsh": "d6d0a7a20ce152315990cb9b4d6710514f3eeeb63e61f4d4fb7c53a83f921930a2b12e",
"path": "setup.py"
}
],
"package_integrity": [
{
"filename": "paysafe_api-1.0.0-py3-none-any.whl",
"hashes": {
"md5": "df17f6d1b3612f96ad6f05b7e47a208f",
"sha256": "20d7eb6fbcf589717a71440f772c00480a5561ded426bb273713d350dda40b2a",
"blake2b_256": "1246dbe96edd2e9d602e280292f4ddaa21a5e8c0a776ae9f3a9d5bc516a95c07"
}
},
{
"filename": "paysafe_api-1.0.0.tar.gz",
"hashes": {
"sha256": "a09a2b1e627c367b6ca8263a48f4a93dfe10a752050319a913e0e3bb8e6e3569",
"md5": "ba422cbe879ae221834b593746df95c2",
"blake2b_256": "f4dc758ef9d44a6020c829164a3b54b6f4d2065b297e97b9376c73995354eaec"
}
}
]
}
[
{
"cweId": "CWE-506",
"name": "Embedded Malicious Code",
"description": "The product contains code that appears to be malicious in nature."
}
]
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/paysafe-api/MAL-2026-6926.json"