{
  "id": "MAL-2026-3778",
  "summary": "Malicious code in natazx (PyPI)",
  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (d0514a0df660dfc4e7380f68e8533fa325ccc246ba21855975f73d3af78cd9f0)\nOn `import natazx`, the package's top-level code executes several installer-hostile actions without consent: (1) it unconditionally overwrites the host's DNS configuration at `/etc/resolv.conf` (and the Termux equivalent) to point at 1.1.1.1/1.0.0.1 with aggressive timeouts — a system-wide change affecting every process on the host; (2) it runs `pkill -9 tor` and spawns a detached Tor daemon via `start_new_session=True` using a torrc written to `/tmp/torrc`, establishing a process that outlives the Python interpreter; (3) it shells out to `pip install` for five unpinned packages (colorama, requests, pycryptodome, urllib3, cfonts) bypassing declared dependencies (`dependencies = []` in pyproject.toml), so the installer's environment is silently mutated with whatever the current PyPI releases are; (4) it fetches a JSON allowlist from a mutable GitHub main-branch ref (`raw.githubusercontent.com/septianhdnatta/idd/refs/heads/main/device.json`), builds a device fingerprint from serial number, build.prop, platform, uid, and timezone, and `sys.exit(1)`s if the installer's fingerprint is not on the author's list. The package's advertised function (`main()`) is a ToS-violating mass account-registration tool against Garena / Free Fire endpoints (`100067.connect.garena.com`, `loginbp.ggblueshark.com`, `loginbp.common.ggbluefox.com`) using hardcoded HMAC and AES-CBC keys, routed through 40 embedded HTTP proxy credentials on ten rotating IPs. The combination of import-time system-file destruction (resolv.conf overwrite), persistence (detached Tor daemon), silent environment mutation (unpinned pip installs), remote kill-switch (device-fingerprint allowlist on a mutable GitHub ref), and abuse-tool payload makes this package hostile to any environment in which it is installed.\n",
  "modified": "2026-05-15T07:52:29.239149Z",
  "published": "2026-05-14T19:24:33Z",
  "database_specific": {
    "malicious-packages-origins": [
      {
        "modified_time": "2026-05-14T19:24:33Z",
        "sha256": "d0514a0df660dfc4e7380f68e8533fa325ccc246ba21855975f73d3af78cd9f0",
        "source": "amazon-inspector",
        "versions": ["0.1.2"],
        "import_time": "2026-05-15T07:37:15.035779786Z",
        "id": "IN-MAL-2026-002630"
      }
    ]
  },
  "references": [
    {"type": "PACKAGE", "url": "https://pypi.org/project/natazx/0.1.2/"}
  ],
  "affected": [
    {
      "package": {"name": "natazx", "ecosystem": "PyPI", "purl": "pkg:pypi/natazx"},
      "versions": ["0.1.2"],
      "database_specific": {
        "cwes": [
          {"cweId": "CWE-506", "name": "Embedded Malicious Code", "description": "The product contains code that appears to be malicious in nature."}
        ],
        "source": "https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/natazx/MAL-2026-3778.json",
        "indicators": {
          "evidence_files": [
            {"sha256": "c9d80de7df402bbb38da56b6084847371d0602bad25306035e48c802827291e5", "path": "src/natazx/natazx.py", "tlsh": "0813c595681018a1d702cc2d4cb6ad61332a380bd5456a68ffdc96e82fbc236de717bd"}
          ],
          "package_integrity": [
            {"hashes": {"blake2b_256": "d7b1e6e17a3e2319e1302efc4e78bc90ef908434cbcf850e97ebb3c57ef05e63", "sha256": "c241cfd016e236183ec968782ab2a710651ee587373592597f1e4a87cd29d995", "md5": "1425e448a0fdc7a6866b8c4175e18fe2"}, "filename": "natazx-0.1.2-py3-none-any.whl"},
            {"hashes": {"blake2b_256": "2f620479b9e9a4ed01d1abcd22adeae6660e7d95fddf1457da595c1b7c15f4ba", "sha256": "7d4b5c4e9d46a7ce4018bb2c54c936192b87b5af5dbae411a051c73bfd4c90c0", "md5": "eab93f2ef56718e39be0ff4d693f3625"}, "filename": "natazx-0.1.2.tar.gz"}
          ]
        }
      }
    }
  ],
  "schema_version": "1.7.5",
  "credits": [
    {"name": "Amazon Inspector", "contact": ["actran@amazon.com"], "type": "FINDER"}
  ]
}
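Two checks a practitioner would want after reading this record, as an added example that is not the package's code and not Amazon Inspector's tooling: matching a downloaded artifact against the sha256 values in the package_integrity block above, and a static pass over a module's import-time code for the behaviours the details describe (a write to resolv.conf, a pkill, a detached child via start_new_session=True, shelling out to pip install, a fetch from raw.githubusercontent.com, and an import-time sys.exit). The scanned module SAMPLE is constructed here to mimic those behaviours and is not the real natazx source; the rule set, thresholds and function names are this example's own.

```python
"""Triage helpers for MAL-2026-3778-style packages (added example, not the advisory's code).

Part 1: hash match against the artifacts listed in the advisory.
Part 2: AST scan of the code that runs on `import` (module-level statements plus the
bodies of module-defined functions they call), flagging the behaviours described above.
"""
import ast
import hashlib
from pathlib import Path

# sha256 of the published artifacts, copied from the advisory's package_integrity block.
KNOWN_BAD_SHA256 = {
    "c241cfd016e236183ec968782ab2a710651ee587373592597f1e4a87cd29d995": "natazx-0.1.2-py3-none-any.whl",
    "7d4b5c4e9d46a7ce4018bb2c54c936192b87b5af5dbae411a051c73bfd4c90c0": "natazx-0.1.2.tar.gz",
}
SHELL_CALLS = {"subprocess.run", "subprocess.Popen", "subprocess.call", "subprocess.check_call",
               "subprocess.check_output", "os.system"}
EXIT_CALLS = {"sys.exit", "exit", "quit", "os._exit"}


def match_known_bad(data: bytes):
    """Advisory filename if `data` is one of the listed artifacts, else None."""
    return KNOWN_BAD_SHA256.get(hashlib.sha256(data).hexdigest())


def check_file(path):
    """Same check for a file on disk, e.g. a wheel or sdist in a pip cache or local mirror."""
    return match_known_bad(Path(path).read_bytes())


def _call_name(call):
    """Dotted target of a call ('subprocess.run', 'open'); '' if the callee is not a plain name."""
    f, parts = call.func, []
    while isinstance(f, ast.Attribute):
        parts.append(f.attr)
        f = f.value
    if isinstance(f, ast.Name):
        parts.append(f.id)
    return ".".join(reversed(parts))


def _strings_in(node):
    """Every string literal anywhere under `node` (argument lists, nested calls, f-string parts)."""
    return [n.value for n in ast.walk(node) if isinstance(n, ast.Constant) and isinstance(n.value, str)]


def _open_mode(call, kwargs):
    """Mode of an open() call from the second positional argument or mode=; default 'r'."""
    node = call.args[1] if len(call.args) > 1 else kwargs.get("mode")
    return node.value if isinstance(node, ast.Constant) and isinstance(node.value, str) else "r"


def _check_call(call, findings):
    name = _call_name(call)
    strings = " ".join(_strings_in(call))
    kwargs = {k.arg: k.value for k in call.keywords}
    if name in EXIT_CALLS:
        findings.add((call.lineno, f"import-time {name}() (possible kill-switch)"))
    if name in SHELL_CALLS:
        if "pip" in strings and "install" in strings.split():
            findings.add((call.lineno, f"shells out to pip install via {name}"))
        if "pkill" in strings or "killall" in strings:
            findings.add((call.lineno, f"kills processes via {name}"))
        sns = kwargs.get("start_new_session")
        if isinstance(sns, ast.Constant) and sns.value is True:
            findings.add((call.lineno, f"detached child via {name}(start_new_session=True)"))
    if "resolv.conf" in strings and (
            (name == "open" and any(c in _open_mode(call, kwargs) for c in "wa+"))
            or name.endswith(("write_text", "write_bytes"))):
        findings.add((call.lineno, f"writes DNS config (resolv.conf) via {name}"))
    if "raw.githubusercontent.com" in strings:
        findings.add((call.lineno, "fetches from a mutable GitHub raw ref"))


def _is_main_guard(stmt):
    """`if __name__ == "__main__":` blocks do not run on import, so they are skipped."""
    return isinstance(stmt, ast.If) and any(
        isinstance(n, ast.Constant) and n.value == "__main__" for n in ast.walk(stmt.test))


def scan_import_time(source: str):
    """Return sorted (lineno, finding) pairs for calls reachable when the module is imported."""
    tree = ast.parse(source)
    funcs = {n.name: n for n in tree.body if isinstance(n, ast.FunctionDef)}
    skip = (ast.FunctionDef, ast.AsyncFunctionDef, ast.ClassDef)
    queue = [s for s in tree.body if not isinstance(s, skip) and not _is_main_guard(s)]
    findings, followed = set(), set()
    while queue:
        for node in ast.walk(queue.pop()):
            if not isinstance(node, ast.Call):
                continue
            _check_call(node, findings)
            target = _call_name(node)
            if target in funcs and target not in followed:  # follow into module-defined helpers
                followed.add(target)
                queue.extend(funcs[target].body)
    return sorted(findings)


# Constructed stand-in mimicking the advisory's description; NOT the real natazx source.
SAMPLE = '''\
import subprocess, sys, requests
def set_dns():
    with open("/etc/resolv.conf", "w") as f:
        f.write("nameserver 1.1.1.1")
def start_tor():
    subprocess.run(["pkill", "-9", "tor"])
    subprocess.Popen(["tor", "-f", "/tmp/torrc"], start_new_session=True)
subprocess.check_call([sys.executable, "-m", "pip", "install", "colorama", "requests"])
set_dns()
start_tor()
allow = requests.get("https://raw.githubusercontent.com/example/repo/refs/heads/main/device.json").json()
if "fingerprint" not in allow:
    sys.exit(1)
def main():
    pass
if __name__ == "__main__":
    main()
'''

if __name__ == "__main__":
    for lineno, finding in scan_import_time(SAMPLE):
        print(f"line {lineno}: {finding}")
```

Point `check_file` at `pip download natazx==0.1.2 --no-deps` output or at a pip cache to confirm an artifact is the listed one before it is ever installed. The AST pass is a triage aid, not proof of absence: it follows only direct calls to module-level functions and sees nothing behind `exec`, `getattr`, string-built commands or obfuscation, so a clean result still warrants a look at the source.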