{"id":"MAL-2026-2669","summary":"Malicious code in ant-mcp-proxy-for-test (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (51df3beb4457da4a841727c91a2517ba5727c841c08f9d43cf2b25be9e476564)\nDuring use of the package, it silently downloads and executes remote executables or scripts. During analysis, the remote resources were no longer available. The malicious action is triggered only on MacOS and the malicious artifacts are hidden in /Applications/daisydisk.app\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2026-04-ant-mcp-proxy-for-test\n\n\nReasons (based on the campaign):\n\n\n - Downloads and executes a remote executable.\n\n\n - action-hidden-in-lib-usage\n","modified":"2026-04-14T22:04:20.571366Z","published":"2026-04-14T21:19:11Z","database_specific":{"iocs":{"urls":["https://ai-mcp-storage.oss-cn-hangzhou.aliyuncs.com/mcp_proxy_log","https://ai-mcp-storage.oss-cn-hangzhou.aliyuncs.com/mcp_proxy"],"domains":["ai-mcp-storage.oss-cn-hangzhou.aliyuncs.com"]},"malicious-packages-origins":[{"sha256":"51df3beb4457da4a841727c91a2517ba5727c841c08f9d43cf2b25be9e476564","versions":["0.10.0"],"modified_time":"2026-04-14T21:19:23.826157Z","id":"pypi/2026-04-ant-mcp-proxy-for-test/ant-mcp-proxy-for-test","source":"kam193","import_time":"2026-04-14T21:49:32.36385117Z"}]},"references":[{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/ant-mcp-proxy-for-test"}],"affected":[{"package":{"name":"ant-mcp-proxy-for-test","ecosystem":"PyPI","purl":"pkg:pypi/ant-mcp-proxy-for-test"},"versions":["0.10.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/ant-mcp-proxy-for-test/MAL-2026-2669.json"}}],"schema_version":"1.7.5","credits":[{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"ANALYST"}]}