{"id":"MAL-2026-4271","summary":"Malicious code in data-pipeline-check (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (37ca0e77c4eda50057aa04c615897f067ee866d02fc1e2fe65cdbb263d3081e8)\nOn `import pipeline_check`, the package spawns a daemon thread that, after a random 3-15 second delay, walks ~/.ssh, ~/.aws, ~/.ethereum, ~/.config, ~/.docker, ~/.kube, and the current working directory, regex-matching contents against patterns for private keys, BIP-39 mnemonics, OpenAI `sk-` keys, GitHub `ghp_` tokens, AWS `AKIA` keys, and generic password patterns (pipeline_check/_core.py:18,:71). Matches are POSTed as JSON (with hostname, platform, cwd) to webhook URLs fetched at runtime from https://ddjidd564.github.io/defi-security-best-practices/config.json; the initial config fetch disables TLS verification via `ssl.CERT_NONE` and `check_hostname=False` (pipeline_check/_core.py:27-30,:62). The package's public surface (`PipelineValidator`, CLI) is cover-story code — `__init__.py` imports `_scan_and_report` from `_core`, so simply importing the module triggers the harvester. 
The randomized delay is evasion timing, and the remote-resolved webhook list lets the operator rotate exfil destinations without republishing.\n\n## Source: kam193 (7cd1ebfd030a45f91ca541aaec69795656342b54ccd092eecb7117adb89e7f63)\nDuring import, the package runs code that exfiltrates credentials, private keys and other sensitive data.\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2026-05-eth-security-auditor\n\n\nReasons (based on the campaign):\n\n\n - files-exfiltration\n\n\n - exfiltration-env-variables\n\n\n - crypto-related\n\n\n - Downloads and executes a remote malicious script.\n\n\n - exfiltration-crypto\n\n\n - exfiltration-credentials\n","modified":"2026-05-26T06:03:10.241941687Z","published":"2026-05-24T01:45:49Z","database_specific":{"iocs":{"domains":["ddjidd564.github.io"],"urls":["https://ddjidd564.github.io/defi-security-best-practices/payloads/compliance-scanner-light.js","https://ddjidd564.github.io/defi-security-best-practices/payloads/risk-profiler.js","https://ddjidd564.github.io/defi-security-best-practices/config.json"]},"malicious-packages-origins":[{"sha256":"7cd1ebfd030a45f91ca541aaec69795656342b54ccd092eecb7117adb89e7f63","versions":["0.1.0","0.1.1"],"id":"pypi/2026-05-eth-security-auditor/data-pipeline-check","import_time":"2026-05-24T06:19:57.537535543Z","source":"kam193","modified_time":"2026-05-24T05:39:26.453078Z"},{"sha256":"37ca0e77c4eda50057aa04c615897f067ee866d02fc1e2fe65cdbb263d3081e8","versions":["0.1.1"],"id":"IN-MAL-2026-004426","import_time":"2026-05-26T05:52:34.649022911Z","source":"amazon-inspector","modified_time":"2026-05-24T01:45:52Z"},{"sha256":"7abf0994093a7a35df475ccc8b460ccb15b7f3ccba57f05f758a765e3e3da940","versions":["0.1.0"],"id":"IN-MAL-2026-004425","import_time":"2026-05-26T05:52:34.540618527Z","source":"amazon-inspector","modified_time":"2026-05-24T01:45:49Z"}]},"references":[{"type":"WEB","url":"https://github.com/ddjidd564"},{"type":"WEB","u
rl":"https://github.com/ddjidd564/defi-security-best-practices/tree/gh-pages"},{"type":"WEB","url":"https://ddjidd564.github.io/defi-security-best-practices/wallet-verify.py"},{"type":"WEB","url":"https://github.com/orgs/modelcontextprotocol/discussions/761"},{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/data-pipeline-check"},{"type":"PACKAGE","url":"https://pypi.org/project/data-pipeline-check/0.1.1/"},{"type":"PACKAGE","url":"https://pypi.org/project/data-pipeline-check/0.1.0/"}],"affected":[{"package":{"name":"data-pipeline-check","ecosystem":"PyPI","purl":"pkg:pypi/data-pipeline-check"},"versions":["0.1.0","0.1.1"],"database_specific":{"cwes":[{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"},{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"}],"indicators":{"package_integrity":[{"hashes":{"sha256":"dd39f9db2b22fb97bbd26f64e46ce8df92d1899628e5c5f342a84774f3e8c76e","blake2b_256":"4f178a70496125946bc9b0ac7f53293ac992cac57a4b773b226e5ce635a3c445","md5":"127b68fb6e18117380c6f12e17b88110"},"filename":"data_pipeline_check-0.1.1-py3-none-any.whl"}],"evidence_files":[{"sha256":"2c50aa329d7a0190a3790a9e4735bd3db2f363f5a95767400a17efc34232a833","tlsh":"0861c8f21d3a4b91d257d85f8582d0a4331abd3b5c07ac74f86c9a30afdc61522f02ac","path":"pipeline_check/_core.py"},{"sha256":"1e43f1c04ad80ca8148710b519587dfbda0c48c52fab8a3ac4439dd75755349f","tlsh":"a9c080191d351d53083551e900e6e0d54f7e49311f840c18d5fc5e1449e1ad2fe96111","path":"pipeline_check/__init__.py"}]},"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/data-pipeline-check/MAL-2026-4271.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"Kamil Mańkowski 
(kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"REPORTER"}]}
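Added example, not part of the OSV record above and not code from data-pipeline-check: a static triage pass that looks for the indicators the amazon-inspector source describes (a daemon thread started at import time, a randomized sleep, regexes for secret formats, walks over ~/.ssh-style directories, a runtime-fetched config URL, TLS verification switched off) and combines them into a single verdict. The module it scans, SAMPLE_MODULE, is constructed to have that shape with the matching and POST left out; its URL is a placeholder, not the campaign's infrastructure.

```python
# Added example for this advisory, not code from it or from data-pipeline-check.
# Static triage of Python source for the indicators described in the write-up.
# SAMPLE_MODULE is a constructed stand-in, not the real pipeline_check/_core.py.
import ast
import re
from dataclasses import dataclass

SECRET_MARKERS = ("PRIVATE KEY", "AKIA", "ghp_", "sk-", "mnemonic")
SENSITIVE_DIRS = (".ssh", ".aws", ".ethereum", ".kube", ".docker", ".config")
URL_RE = re.compile(r"https?://[^\s\"']+")

# Constructed sample with the matching and POST left out; the URL is a placeholder.
SAMPLE_MODULE = r'''
import os, re, ssl, json, random, threading, time, urllib.request
CONFIG_URL = "https://example.invalid/config.json"
PATTERNS = [re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"), re.compile(r"AKIA[0-9A-Z]{16}")]
TARGETS = ["~/.ssh", "~/.aws", "~/.kube"]
def _fetch_config():
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return json.load(urllib.request.urlopen(CONFIG_URL, context=ctx))
def _scan_and_report():
    time.sleep(random.uniform(3, 15))
    for target in TARGETS:
        list(os.walk(os.path.expanduser(target)))
threading.Thread(target=_scan_and_report, daemon=True).start()
'''

@dataclass(frozen=True)
class Finding:
    line: int
    kind: str
    detail: str

def _dotted(node) -> str:
    # Render a Name/Attribute chain such as ssl.CERT_NONE as one string.
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if not isinstance(node, ast.Name):
        return ""
    parts.append(node.id)
    return ".".join(reversed(parts))

def _import_time_nodes(tree):
    # Yield nodes that run when the module is imported; function bodies are skipped.
    stack = list(tree.body)
    while stack:
        node = stack.pop()
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef, ast.Lambda)):
            continue
        yield node
        stack.extend(ast.iter_child_nodes(node))

def triage_source(src: str) -> list[Finding]:
    """Return every indicator found in src, with the line it sits on."""
    tree = ast.parse(src)
    found = []
    for node in _import_time_nodes(tree):
        # Anything .start()-ed at module scope runs on a bare import.
        if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute) \
                and node.func.attr == "start":
            found.append(Finding(node.lineno, "import-time-start", ast.unparse(node.func)))
    for node in ast.walk(tree):
        if isinstance(node, ast.Call):
            callee = _dotted(node.func)
            if callee in ("threading.Thread", "Thread") and any(
                    k.arg == "daemon" and getattr(k.value, "value", None) is True
                    for k in node.keywords):
                found.append(Finding(node.lineno, "daemon-thread", callee))
            if callee == "time.sleep" and any(
                    isinstance(a, ast.Call) and _dotted(a.func).startswith("random.")
                    for a in node.args):
                found.append(Finding(node.lineno, "randomized-delay", ast.unparse(node)))
        elif isinstance(node, ast.Attribute) and _dotted(node) == "ssl.CERT_NONE":
            found.append(Finding(node.lineno, "tls-disabled", "ssl.CERT_NONE"))
        elif isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant) \
                and node.value.value is False and any(
                    isinstance(t, ast.Attribute) and t.attr == "check_hostname"
                    for t in node.targets):
            found.append(Finding(node.lineno, "tls-disabled", "check_hostname=False"))
        elif isinstance(node, ast.Constant) and isinstance(node.value, str):
            marker = next((m for m in SECRET_MARKERS if m in node.value), None)
            if marker:
                found.append(Finding(node.lineno, "secret-regex", marker))
            folder = next((d for d in SENSITIVE_DIRS if d in node.value), None)
            if folder:
                found.append(Finding(node.lineno, "sensitive-path", folder))
            for url in URL_RE.findall(node.value):
                found.append(Finding(node.lineno, "remote-config", url))
    return found

def is_harvester_like(findings: list[Finding]) -> bool:
    # Verdict: runs on import, hunts for secrets, and has somewhere to send them.
    kinds = {f.kind for f in findings}
    runs_on_import = "import-time-start" in kinds
    hunts_secrets = bool(kinds & {"secret-regex", "sensitive-path"})
    phones_out = bool(kinds & {"remote-config", "tls-disabled"})
    return runs_on_import and hunts_secrets and phones_out

if __name__ == "__main__":
    report = triage_source(SAMPLE_MODULE)
    for f in report:
        print(f"line {f.line:3d}  {f.kind:18s} {f.detail}")
    print("harvester-like:", is_harvester_like(report))
```

To use it on the real artifact, download the wheel named in `package_integrity`, confirm its sha256 matches the recorded value before unpacking, and pass the text of `pipeline_check/_core.py` and `pipeline_check/__init__.py` to `triage_source`; each indicator is a separate string check, so a single hit (a daemon thread alone, say) is not a verdict, only the combination in `is_harvester_like` is.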