-= Per source details. Do not edit below this line.=-
The paysafe-kyc package impersonates a legitimate Paysafe KYC/payments SDK (author string 'Paysafe Developer Team', base URL https://api.paysafe.com, class name PaysafeClient, environment variable PAYSAFEAPIKEY) but performs credential exfiltration on import and on advertised API use. At import time, the module iterates os.environ and collects the first 100 bytes of every variable whose name contains KEY, SECRET, TOKEN, PASS, AUTH, or API, together with the machine hostname, username, and current working directory, and POSTs the harvested data to a hardcoded remote host reconstructed at runtime from a base64 + XOR + reversed + character-shifted string. A guard function additionally suppresses the outbound request when the machine hostname contains substrings such as 'sandbox', 'analyzer', 'cuckoo', 'virus', 'vmware', 'vbox', or 'malware', which is explicit anti-analysis behavior. The PaysafeClient.createpayment method sleeps 12 seconds and then covertly forwards a prefix of the caller-supplied PAYSAFEAPI_KEY to the same hidden endpoint, so any developer using the SDK as documented has their Paysafe API key mirrored to the attacker in addition to the real Paysafe API. The combination of brand impersonation, import-time environment credential harvest, silent relay of caller-provided API keys, obfuscated C2 hostname, and sandbox-hostname evasion is unambiguous supply-chain attack behavior.
When using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host.
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-07-paysafe-api
Reasons (based on the campaign):
exfiltration-env-variables
dependency-confusion
action-hidden-in-lib-usage
The package contains code to detect if it is running in a sandbox environment.
obfuscation
{
"iocs": {
"domains": [
"caliber-spinner-finishing.ngrok-free.dev"
]
},
"malicious-packages-origins": [
{
"sha256": "7089650efc5360b819e8831801bcedf6489945f5b563729e99f036461bd59092",
"id": "pypi/2026-07-paysafe-api/paysafe-kyc",
"source": "kam193",
"import_time": "2026-07-07T15:30:57.592192618Z",
"modified_time": "2026-07-07T15:22:13.874808Z",
"versions": [
"1.0.0"
]
},
{
"modified_time": "2026-07-07T15:22:13.874808Z",
"id": "pypi/2026-07-paysafe-api/paysafe-kyc",
"source": "kam193",
"import_time": "2026-07-07T22:55:28.725890031Z",
"sha256": "3ebd2cbef14c7523747cb9e01c9d6721ba52df82fd6fa64bf02953e41ca73612",
"versions": [
"1.0.0"
]
},
{
"sha256": "8c619e500f8070a5525694f42547c0b73e8189965f8816f1a124190f50bed6f5",
"id": "IN-MAL-2026-008044",
"source": "amazon-inspector",
"import_time": "2026-07-08T15:19:03.307549569Z",
"modified_time": "2026-07-08T14:30:25Z",
"versions": [
"1.0.0"
]
}
]
}{
"evidence_files": [
{
"path": "paysafe_kyc/__init__.py",
"tlsh": "703198d11450744a91662e2b948d6984e34ffd000cafde4bffb09b576f80573c538d28",
"sha256": "c6af37a6739f0d919ab7049caf3a85831cab44bdbea27e0d9de7adec80334e2b"
},
{
"path": "setup.py",
"tlsh": "aed02ea30ca253219a908e8a481711908e3aea363e21a0c4bb7c12d03b921a30b0306f",
"sha256": "11c45cb73114c02c45f065f7f3635cb2a8d679a501e124355abf9cb3076793d1"
}
],
"package_integrity": [
{
"filename": "paysafe_kyc-1.0.0-py3-none-any.whl",
"hashes": {
"md5": "976914992c3aaaa7959355e546cebaf9",
"blake2b_256": "4a199950a4303bce567a480f19d86deed1f23632d66dc7d6599e053033da6956",
"sha256": "71c11f91acbde273ab3f07a13781f9064e72dabf25dd1ff6ebba9a634b95c08b"
}
},
{
"filename": "paysafe_kyc-1.0.0.tar.gz",
"hashes": {
"md5": "54843c06f504be2a438c7f73405162a4",
"blake2b_256": "6414d49f9882e43eb0f081b271b56e8012183f37026e7a31db1304921f93fc6b",
"sha256": "8e5bab739f9876690ef7d08464127f83dabccd305d13e29657a2151425713a63"
}
}
]
}
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/paysafe-kyc/MAL-2026-6927.json"
[
{
"description": "The product contains code that appears to be malicious in nature.",
"cweId": "CWE-506",
"name": "Embedded Malicious Code"
}
]