{"id":"MAL-2026-6926","summary":"Malicious code in paysafe-api (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (9d9cc9039ffa3e8cadc8a24b0ccd83bcc8eca2fe88e25f35b2022cc1957220fb)\npaysafe-api impersonates the Paysafe payments provider (package name, description, author 'Paysafe Developer Team', and use of api.paysafe.com / api.test.paysafe.com base URLs), but its PaysafeClient.create_payment() method carries a hidden credential-theft payload. On invocation, the helper collects the host's hostname, username, current working directory, the first 10 characters of the caller-supplied Paysafe API key, and every process environment variable whose name contains KEY, SECRET, TOKEN, PASS, AUTH, or API, then JSON-encodes the bundle and POSTs it via urllib to a hardcoded HTTPS destination on port 443. The destination hostname is not the paysafe.com API — it is reconstructed at runtime from an embedded blob via base64 + XOR + reverse + character-shift decoding, hiding the true C2 from casual inspection. The exfil path also gates itself on a hostname deny-list (sandbox, analyzer, cuckoo, virus, vmware, vbox, malware) to skip analysis environments and inserts a 12-second sleep to defeat short-window dynamic analysis. Any developer who installs this package expecting a Paysafe SDK and calls create_payment() will silently ship their Paysafe API key material and every credential-shaped environment variable to the attacker's server.\n\n## Source: kam193 (caf46df1f47845e37bbc00d4e8f160dcf057b67aee189c7e7919f32d662f2915)\nWhen using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host.\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2026-07-paysafe-api\n\n\nReasons (based on the campaign):\n\n\n - exfiltration-env-variables\n\n\n - dependency-confusion\n\n\n - action-hidden-in-lib-usage\n\n\n - The package contains code to detect if it is running in a sandbox environment.\n\n\n - obfuscation\n","modified":"2026-07-08T21:46:53.132928371Z","published":"2026-07-07T15:21:28Z","database_specific":{"iocs":{"domains":["caliber-spinner-finishing.ngrok-free.dev"]},"malicious-packages-origins":[{"modified_time":"2026-07-07T15:21:28.624897Z","source":"kam193","import_time":"2026-07-07T15:30:57.582519602Z","sha256":"caf46df1f47845e37bbc00d4e8f160dcf057b67aee189c7e7919f32d662f2915","id":"pypi/2026-07-paysafe-api/paysafe-api","versions":["1.0.0"]},{"modified_time":"2026-07-07T15:21:28.624897Z","id":"pypi/2026-07-paysafe-api/paysafe-api","import_time":"2026-07-07T22:55:28.691255869Z","sha256":"113895b5937c6b16de757d51b732eabcb0b72f613ca75d4e16d5bcc94da37a67","source":"kam193","versions":["1.0.0"]},{"modified_time":"2026-07-08T20:35:25Z","source":"amazon-inspector","import_time":"2026-07-08T21:27:49.847861124Z","sha256":"9d9cc9039ffa3e8cadc8a24b0ccd83bcc8eca2fe88e25f35b2022cc1957220fb","id":"IN-MAL-2026-008606","versions":["1.0.0"]}]},"references":[{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/paysafe-api"},{"type":"WEB","url":"https://socket.dev/blog/npm-pypi-campaign-typosquats-popular-secure-payment-apps"},{"type":"PACKAGE","url":"https://pypi.org/project/paysafe-api/1.0.0/"}],"affected":[{"package":{"name":"paysafe-api","ecosystem":"PyPI","purl":"pkg:pypi/paysafe-api"},"versions":["1.0.0"],"database_specific":{"cwes":[{"description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code","cweId":"CWE-506"}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/paysafe-api/MAL-2026-6926.json","indicators":{"evidence_files":[{"sha256":"c2a361a7d8feb95be97c957fc7652d348f4fa9a987bde5f09883f46b65c460f1","tlsh":"bb3198d21450754a91662e1b948d6994e34ffd000cafde4bffb09b566f80673c538d28","path":"paysafe_api/__init__.py"},{"tlsh":"d6d0a7a20ce152315990cb9b4d6710514f3eeeb63e61f4d4fb7c53a83f921930a2b12e","sha256":"468858fdda8e3c90737f754bc63fe1e12cd23d6420dab3f5d4fca9848e62f437","path":"setup.py"}],"package_integrity":[{"hashes":{"blake2b_256":"1246dbe96edd2e9d602e280292f4ddaa21a5e8c0a776ae9f3a9d5bc516a95c07","sha256":"20d7eb6fbcf589717a71440f772c00480a5561ded426bb273713d350dda40b2a","md5":"df17f6d1b3612f96ad6f05b7e47a208f"},"filename":"paysafe_api-1.0.0-py3-none-any.whl"},{"hashes":{"blake2b_256":"f4dc758ef9d44a6020c829164a3b54b6f4d2065b297e97b9376c73995354eaec","sha256":"a09a2b1e627c367b6ca8263a48f4a93dfe10a752050319a913e0e3bb8e6e3569","md5":"ba422cbe879ae221834b593746df95c2"},"filename":"paysafe_api-1.0.0.tar.gz"}]}}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"},{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"REPORTER"}]}