{"id":"MAL-2026-3686","summary":"Malicious code in amino-fix (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (807db606fec148f1acf0e1ddb4ec2e0a68ba672bb8e5641f9eefd0d425f30a44)\nThe asyncfix subpackage's `signature()` helper in aminofix/asyncfix/lib/util/helpers.py (lines 22-25) does not compute the NDC-MSG-SIG locally. Instead, every JSON request body is sent as a query string to `http://aminoed.uk.to/api/generator/ndc-msg-sig?data={data}` over unencrypted HTTP. This helper is invoked by every authenticated endpoint of the library, including `client.login(email, password)` — the advertised primary function. As a result, any caller using the async API silently transmits the end-user's plaintext email and password (and all other request bodies) as URL query parameters to `aminoed.uk.to`, a free `.uk.to` subdomain unrelated to the real Amino service (`service.narvii.com`). This is a textbook silent-relay: a hardcoded third-party destination embedded in public API code that exfiltrates caller-supplied credentials without disclosure, over plaintext HTTP with no TLS.\nA secondary import-time version-check against pypi.org is benign (data-only, printed to stdout) and not a dropper, but is noted as an unrelated quality issue.\n","modified":"2026-06-15T03:00:55.097953687Z","published":"2026-05-13T00:19:49Z","database_specific":{"malicious-packages-origins":[{"source":"amazon-inspector","versions":["2.1.8"],"sha256":"807db606fec148f1acf0e1ddb4ec2e0a68ba672bb8e5641f9eefd0d425f30a44","id":"IN-MAL-2026-002585","modified_time":"2026-05-13T00:19:49Z","import_time":"2026-05-13T20:11:01.266429227Z"}]},"references":[{"type":"PACKAGE","url":"https://pypi.org/project/amino.fix/2.1.8/"}],"affected":[{"package":{"name":"amino-fix","ecosystem":"PyPI","purl":"pkg:pypi/amino-fix"},"versions":["2.1.8"],"database_specific":{"indicators":{"package_integrity":[{"filename":"amino.fix-2.1.8-py3-none-any.whl","hashes":{"md5":"ddc4616e89ea830404293e8be3b3a90d","blake2b_256":"9f5f0bcb8f9c9a042d2179c351e9e2068c6bb21e7fa5c306dad3cb1de73e9527","sha256":"2a94934bcfa50d3b329a067233af995861151ee82df1ebc404c7e2612ae37030"}},{"filename":"amino.fix-2.1.8.tar.gz","hashes":{"md5":"19171c7a733d0094eb04a7f6b360c4d8","blake2b_256":"99d3e0ecdc4ceae60e65486f85fcb180f949bd435a79d8c43c11d20d251ff347","sha256":"ba1c0691642164fa523bf2d11ff448af26e7869f195a69d4e9909346480348e7"}}],"evidence_files":[{"tlsh":"e42124e7b863b59113bc42b970184022fb7f9ae25fc81083b80d42b4372ac299a3547d","path":"aminofix/asyncfix/lib/util/helpers.py","sha256":"c93e662de27505e4f274e0980af9a399caf5cfe4b8557248abf3f3dc20084be3"},{"tlsh":"7101c023423fe733b13e8bcec0035034ab3358705f8fb0a266905abc37c22418759888","path":"aminofix/__init__.py","sha256":"47921dcff69216c8a6e6d862c23af503a7440106ce2634934c2f0deab737162c"}]},"cwes":[{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/amino-fix/MAL-2026-3686.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"}]}