{"id":"MAL-2026-5345","summary":"Malicious code in dstill (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (698645f1cbbe41dbe7b65f3cf373ed38f59cb59ca9cc0bb25bd9d175114f1762)\nOn `import spaysdata`, __init__.py invokes main_entry() which executes a multi-stage Windows infostealer with no relation to the package's advertised purpose (a 'Roblox DataStore' library). Behaviors: (1) reads %USERPROFILE%\\AppData\\Local\\Roblox\\LocalStorage\\robloxcookies.dat, decrypts via CryptUnprotectData, and POSTs the plaintext cookies to a hardcoded Discord webhook (discord.com/api/webhooks/1513807955340820602/...) and a Google Apps Script endpoint (script.google.com/macros/s/AKfycbwa8sLEdsG_leFVecuc.../exec); (2) kills Discord processes via `taskkill /f /im Discord.exe`, then enumerates Discord/Discord Canary/PTB/Lightcord and ~20 Chromium browsers (Chrome, Edge, Brave, Yandex, Opera, Vivaldi,...) plus Firefox profiles, AES-GCM-decrypts tokens with each browser's DPAPI master key, validates them against the Discord API, and exfiltrates working tokens to the same endpoints; (3) installs persistence by copying itself to %LOCALAPPDATA%\\MicrosoftSecurityWorker\\WindowsSecurity.{pyw,exe}, registers that directory as a Windows Defender ExclusionPath via PowerShell `Add-MpPreference`, and creates a `schtasks /sc onlogon /rl highest` task named 'WindowsSecurityUpdate' to run at every logon. The Microsoft-lookalike paths/names are explicit AV evasion. Russian/Ukrainian comments in the source acknowledge the stealth and anti-AV intent. The pyproject description in Russian ('Библиотека для работы с DataStore в Roblox') is a lure targeting Roblox developers.\n\n## Source: kam193 (09fdc0fbdc8b1ba29a63f2807ec9c9af6dd1079a5ac6fa99c88b54df9bd22a0b)\nThe package exfiltrates Roblox cookies from the victim machine.\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2026-06-spaysrbdata\n\n\nReasons (based on the campaign):\n\n\n - infostealer\n","modified":"2026-06-11T01:31:30.533321891Z","published":"2026-06-09T10:15:49Z","database_specific":{"malicious-packages-origins":[{"modified_time":"2026-06-09T10:15:49.782378Z","versions":["0.3.0"],"source":"kam193","sha256":"09fdc0fbdc8b1ba29a63f2807ec9c9af6dd1079a5ac6fa99c88b54df9bd22a0b","id":"pypi/2026-06-spaysrbdata/dstill","import_time":"2026-06-09T10:41:59.930161705Z"},{"import_time":"2026-06-11T01:21:50.613265409Z","versions":["0.3.0"],"source":"amazon-inspector","sha256":"698645f1cbbe41dbe7b65f3cf373ed38f59cb59ca9cc0bb25bd9d175114f1762","id":"IN-MAL-2026-005343","modified_time":"2026-06-11T00:21:06Z"}],"iocs":{"urls":["https://script.google.com/macros/s/AKfycbwa8sLEdsG_leFVecuc_dFrZ_h5JnZKrWxXWazK1T6DoKGAGG5OJ9rznwYXg2PS-h1d/exec","https://discord.com/api/webhooks/1513807955340820602/-UbLOjMGWIop17hrvQ7XsrZkJBJaNlMTueX7xnsJ9hz6DKaBgSe_Ur2FIgSJMHlusBwx"]}},"references":[{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/dstill"},{"type":"PACKAGE","url":"https://pypi.org/project/dstill/0.3.0/"}],"affected":[{"package":{"name":"dstill","ecosystem":"PyPI","purl":"pkg:pypi/dstill"},"versions":["0.3.0"],"database_specific":{"indicators":{"package_integrity":[{"hashes":{"blake2b_256":"a8e5a2c2248cd9b43dbd71e4fd196a8595a6f81e6b51097f0dc04da79d2f8e25","sha256":"463ee054c7779369155784fa38cc3ae22a175976c781faa84b0f4f93d1f54f7c","md5":"f88915195f6f180c75fc4e4e2b2199a6"},"filename":"dstill-0.3.0-py3-none-any.whl"},{"hashes":{"blake2b_256":"49d49f29d6f84954f1407505eafa69b2affe7e0ee01241be0081edb0c23d6f4a","sha256":"3264b438b7f827125ecab00a5ab0656af7e6ffc0e6acb5bd384b1bd01ef3953b","md5":"2d95893193bdb53f79e4db64585985f8"},"filename":"dstill-0.3.0.tar.gz"}],"evidence_files":[{"path":"spaysdata/main.py","sha256":"8d609f7ccd0e47fe743299781b79230d96f8944fcba58b24d14950a113ca5908","tlsh":"34527546ec4e041a9236914de856e94cfa6702ab767113033afca7b83f75031d3792ee"},{"path":"pyproject.toml","sha256":"4ec8516ee89dee5e8ad3573a8c5373c88d19d6708914393403d02717fc2d68ab","tlsh":"4df0dd73dd796c3091b4708696608a08fea1707a36d400fa32dab1ed15aa350cfac63c"}]},"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/dstill/MAL-2026-5345.json","cwes":[{"description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506","name":"Embedded Malicious Code"}]}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"},{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"REPORTER"}]}