{"id":"MAL-2026-6945","summary":"Malicious code in jsonschemavalidation (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (eae82aa94c358f1f00f8a12e8b583cee82efdcf09d2f80263e6851ac0fec98f3)\nThe PyPI project `jsonschemavalidation` builds a wheel whose installed top-level package is literally `jsonschema` (`[tool.hatch.build.targets.wheel] packages = [\"src/jsonschema\"]`). Project metadata (author name, homepage pointing at github.com/python-jsonschema/jsonschema, README, description) mirrors the legitimate upstream `jsonschema` project. Installing this distribution places files into the real `jsonschema` import namespace on the installer, so `import jsonschema` in downstream code would resolve to the code shipped by this distribution rather than the genuine one. The current 4.26.0 contents appear to be an unmodified copy of upstream and no exfiltration, install-time fetch-and-execute, credential harvesting, silent-relay, backdoor, or other installer-harm payload is present in this version. The concern is the namespace-collision channel itself: a name-confusion distribution that populates a widely-used import name is a plausible squat/hijack setup, but name-similarity and namespace collision alone are subjective signals without a payload, so human review is appropriate rather than an automatic block.\n\n## Source: kam193 (b7a6e1ff837eac0382559815111106e3e85b3825b72f38355551d5874cc24b0e)\nA clone of a legitimate package with an embeded reverse shell. In the published version, the reverse shell was connecting to a private IP address suggesting the package was not yet fully weaponized.\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2026-07-jsonschemavalidation\n\n\nReasons (based on the campaign):\n\n\n - The package contains code to create a reverse shell, allowing an attacker to execute any commands on the victim's machine.\n\n\n - clones-real-package\n\n\n - obfuscation\n","modified":"2026-07-08T23:47:02.333338641Z","published":"2026-07-07T15:29:07Z","database_specific":{"malicious-packages-origins":[{"source":"kam193","import_time":"2026-07-07T16:25:33.946880197Z","id":"pypi/2026-07-jsonschemavalidation/jsonschemavalidation","modified_time":"2026-07-07T15:29:07.803542Z","sha256":"b7a6e1ff837eac0382559815111106e3e85b3825b72f38355551d5874cc24b0e","versions":["4.26.0"]},{"versions":["4.26.0"],"id":"IN-MAL-2026-008960","import_time":"2026-07-08T23:27:55.812345434Z","modified_time":"2026-07-08T22:58:27Z","sha256":"eae82aa94c358f1f00f8a12e8b583cee82efdcf09d2f80263e6851ac0fec98f3","source":"amazon-inspector"}]},"references":[{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/jsonschemavalidation"},{"type":"PACKAGE","url":"https://pypi.org/project/jsonschemavalidation/4.26.0/"}],"affected":[{"package":{"name":"jsonschemavalidation","ecosystem":"PyPI","purl":"pkg:pypi/jsonschemavalidation"},"versions":["4.26.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/jsonschemavalidation/MAL-2026-6945.json","indicators":{"evidence_files":[{"tlsh":"c8d1d8f37a851bb46dca2154f98859019b364c3b25f1b939bb9f8049070ddbe83bc86d","path":"pyproject.toml","sha256":"50b15390212893d290c805bdce5bfb689ab875d04d65c5e9ff5d91acde4756c3"}],"package_integrity":[{"filename":"jsonschemavalidation-4.26.0-py3-none-any.whl","hashes":{"blake2b_256":"2143d4b7230153dd4e4bdac7e231bc7a25eae97ed63363cc6175475551c221c1","md5":"ceb48ffdbd98a4a24f604820a45d5c98","sha256":"953ae490ebffaa05c49b9186de084704c1bbdd5f0915f9822dcb65b1d2057fe8"}},{"filename":"jsonschemavalidation-4.26.0.tar.gz","hashes":{"blake2b_256":"9d76d6e87cbe52f52b06ded856f58d4b6d4e1e9b43a85fc396295605db7f52e4","md5":"0888bbfb11a540c7afa0bc30a3d97aae","sha256":"6e545c0dbba0dc91e5beb23180a29d90477639c5532d9c6e3699d588f6fd77df"}}]},"cwes":[{"name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature.","cweId":"CWE-506"}]}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"},{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"REPORTER"}]}