{"id":"MAL-2026-3689","summary":"Malicious code in dcchbot (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (df79831d1b486c8ca704295b410cec7b66be85aa87c3244d97ff1e87f643183a)\nThe package performs multiple installer-hostile behaviors. (1) dcchbot/__init__.py auto-invokes run() on import, which triggers interactive input() prompts and an outbound HTTPS GET to a non-PyPI third-party domain (https://evan0708.rf.gd/pypi-backup/json) — any import (including by IDEs, linters, or dependency scanners) blocks on stdin and beacons to attacker-controlled infrastructure. (2) main.py reads `data['info']['version']` from that rf.gd endpoint and later uses the value directly inside `os.system(f'pip install dcchbot=={latest_version}')` in the `/bot-update` slash handler; a crafted response (e.g. containing shell metacharacters) yields arbitrary command execution on the installer's host. The rf.gd free-subdomain pattern can also be re-registered by third parties if the account lapses, making this a latent RCE channel. (3) main.py hardcodes `CODER_ID = 1317800611441283139` and authorizes that Discord user ID inside `/op`, `/stop`, `/token`, and `/bot-update` handlers in addition to the installer's OWNER_ID — the package author can, on any Discord server where an installer's bot is present, leak the bot token (`/token` sends `bot._token`), grant themselves administrator, or trigger the vulnerable update command. \nThis is direct installer-side harm: token exfiltration, privilege escalation on the installer's Discord servers, and remote shell command execution driven by an external URL.\n","modified":"2026-05-13T20:22:39.178129Z","published":"2026-05-12T07:42:11Z","database_specific":{"malicious-packages-origins":[{"sha256":"3a40a14434df3a61756624968ed85c2ea55ae3298fde23de5099c530089fd7b0","id":"IN-MAL-2026-002150","versions":["1.9.4"],"modified_time":"2026-05-12T19:03:07Z","source":"amazon-inspector","import_time":"2026-05-13T20:10:52.026857661Z"},{"sha256":"60ff0446b42a79933bc212e1600a36b572d60635fbfd6f69f9881b54ad7f4c18","id":"IN-MAL-2026-002149","versions":["1.9.1"],"modified_time":"2026-05-12T19:03:07Z","source":"amazon-inspector","import_time":"2026-05-13T20:10:51.952480244Z"},{"sha256":"c995da3f467f406ccbbc6314be0fcfc0f01b212c54bf3add01207e1d1fba6626","id":"IN-MAL-2026-002147","versions":["1.8.3"],"modified_time":"2026-05-12T19:03:07Z","source":"amazon-inspector","import_time":"2026-05-13T20:10:51.87454839Z"},{"sha256":"df79831d1b486c8ca704295b410cec7b66be85aa87c3244d97ff1e87f643183a","id":"IN-MAL-2026-002148","versions":["1.9"],"modified_time":"2026-05-12T19:03:07Z","source":"amazon-inspector","import_time":"2026-05-13T20:10:51.913332115Z"},{"sha256":"ff481b1e845b1c26503b21dc505660af654baf24f7250391c2a59357e3611425","id":"IN-MAL-2026-002146","versions":["1.8.1"],"modified_time":"2026-05-12T19:03:07Z","source":"amazon-inspector","import_time":"2026-05-13T20:10:51.812957037Z"}]},"references":[{"type":"PACKAGE","url":"https://pypi.org/project/dcchbot/1.9.4/"},{"type":"PACKAGE","url":"https://pypi.org/project/dcchbot/1.9.1/"},{"type":"PACKAGE","url":"https://pypi.org/project/dcchbot/1.8.3/"},{"type":"PACKAGE","url":"https://pypi.org/project/dcchbot/1.9/"},{"type":"PACKAGE","url":"https://pypi.org/project/dcchbot/1.8.1/"}],"affected":[{"package":{"name":"dcchbot","ecosystem":"PyPI","purl":"pkg:pypi/dcchbot"},"versions":["1.9.4","1.9.1","1.8.3","1.9","1.8.1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/dcchbot/MAL-2026-3689.json","cwes":[{"cweId":"CWE-506","name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature."},{"cweId":"CWE-506","name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature."},{"cweId":"CWE-506","name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature."},{"cweId":"CWE-506","name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature."},{"cweId":"CWE-506","name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature."}],"indicators":{"domains":["evan0708.rf.gd","evil"],"evidence_files":[{"sha256":"93edcce4d7529dde63786c450acfd0ad389e9b9848c43f75b87bf3ff4cf0ac26","tlsh":"eac230228daf2c35617bc14c5523d101f330a14b756d6063b9ac72a48ffd985a4eaff9","path":"dcchbot/main.py"},{"sha256":"4ee4111ad483f19f1678d0ad96fab3f9f571876652f3b41298de150897a7b74b","tlsh":"fcb02b1630170131459c4184c20031310b5200d4187711520309953e84c20c04e101f6","path":"dcchbot/__init__.py"}],"package_integrity":[{"hashes":{"sha256":"266a6d334484859361a2e943b946f8450855113f4809821508d8d5c3d7d1161d","md5":"ef868370522d852f3ca33fee985cedc6","blake2b_256":"25b2ea7a4eefcd1c966d8816fb7cfddf483f51cc6760186395f9bdc4a92cd67f"},"filename":"dcchbot-1.9.4-py3-none-any.whl"},{"hashes":{"sha256":"378488015e8fac7cfcbe5c4b45e025d57ce0506b24988cd7ab1153487039b082","md5":"dd4a5c1305afd86d9395aa3108450d1a","blake2b_256":"346cca31844600b1caa4a3ba82be6301ff0da3744911235eeb7891244da10448"},"filename":"dcchbot-1.9.4.tar.gz"}],"urls":["https://evan0708.rf.gd/pypi-backup/json","http://evil/sh"]}}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"}]}