Supply-chain threat intelligence

Incident detail

criticalpypi·malware·osv

Malicious code in mfq-private-encoder (PyPI)

mfq-private-encoder

Risk score

92

AI summary

Indexed incident for mfq-private-encoder (pypi).

Description

The package advertises a Python source-code encoder but has no local codec. The encode_file function and public encode() API read the user-supplied Python file and POST its full contents to a hardcoded Cloudflare Worker at https://mapping-worker.email-ecf.workers.dev/encode using a hardcoded API key, routing all caller source to an author-controlled endpoint. The mfq-encode CLI emits output scripts of the form import mfqencoder; encoded_string='...'; exec(mfqencoder.decode(encoded_string)), where mfqencoder.decode POSTs to https://mapping-worker.email-ecf.workers.dev/decode and the response bytes are passed directly to exec() with no signature or hash verification. Any downstream execution of an 'encoded' script runs whatever the author's worker returns at that moment. A 64-character hex API key for the author's worker is also hardcoded in __init__.py, encoder.py, and decoder.py.

Technical details

Affected versions

=1.0.0

Indicators

  • affected version=1.0.075%

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg

Related incidents