Supply-chain threat intelligence
Risk score
92
Indexed incident for ditenv (pypi).
setup.py overrides the install and egg_info commands with a RunCommand() class that fires unconditionally on pip install or pip download. The override reads the entire process environment via os.environ, serializes every key=value pair, captures the output of ps -elf, and POSTs the combined payload over plaintext HTTP via curl to a hardcoded interactsh/OAST subdomain (gjampdwmdjmppwedtkpbbdkq05f6iiz6r.oast.fun). On developer machines and CI runners, the captured environment routinely contains AWS_SECRET_ACCESS_KEY, GH_TOKEN, NPM_TOKEN, PYPI_TOKEN, and similar credentials, all of which are sent to the attacker-controlled callback host. The package name suggests a typosquat of dotenv, and the README self-identifies as a proof-of-concept; a comment claims the code is 'for research not for doing any harmful activity', but the cover story does not change the fact that every installer is subjected to live credential theft.
During installation, the package exfiltrates environment variables.
Category: MALICIOUS - The campaign has clearly malicious intent, such as infostealers.
Campaign: 2026-06-ip-rotat
Reasons (based on the campaign):
The package overrides the install command in setup.py to execute malicious code during installation.
exfiltration-env-variables
typosquatting
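A static triage check for the install-hook pattern described above, written as an added example (not code from the advisory or from any scanner behind it): it parses a setup.py with the standard-library ast module and flags cmdclass overrides of install/egg_info, reads of os.environ, and imports of process- or network-capable modules. The two setup.py strings it scans are constructed for the demonstration and contain no network call.

```python
import ast

# setuptools commands pip runs for install / download; hooking them executes
# arbitrary code on the installing host.
HOOKED_COMMANDS = {"install", "egg_info", "develop"}
# Modules that let a setup.py spawn processes or reach the network.
RISKY_MODULES = {"subprocess", "socket", "urllib", "http", "requests"}


def triage_setup_py(source: str) -> list:
    """Return human-readable findings for the text of a setup.py."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            names = [alias.name.split(".")[0] for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            names = [(node.module or "").split(".")[0]]
        else:
            names = []
        findings += [f"imports {n} (process/network capability)"
                     for n in names if n in RISKY_MODULES]
        # Any read of os.environ inside setup.py deserves a look.
        if (isinstance(node, ast.Attribute) and node.attr == "environ"
                and isinstance(node.value, ast.Name) and node.value.id == "os"):
            findings.append("reads os.environ at install time")
        # cmdclass={"install": Cls} replaces the stock command with Cls.
        if (isinstance(node, ast.keyword) and node.arg == "cmdclass"
                and isinstance(node.value, ast.Dict)):
            for key in node.value.keys:
                if isinstance(key, ast.Constant) and key.value in HOOKED_COMMANDS:
                    findings.append(f"overrides the {key.value} command")
    return findings


# Constructed sample with the advisory's structure (cmdclass hook that reads
# the environment and runs ps); the network step is deliberately left out.
SUSPICIOUS_SETUP = '''
import os, subprocess
from setuptools import setup
from setuptools.command.install import install
class RunCommand(install):
    def run(self):
        captured = dict(os.environ)
        subprocess.run(["ps", "-elf"], capture_output=True)
        install.run(self)
setup(name="example-pkg", version="0.1", cmdclass={"install": RunCommand})
'''
CLEAN_SETUP = 'from setuptools import setup\nsetup(name="pkg", version="0.1")\n'  # constructed

if __name__ == "__main__":
    for label, src in (("suspicious", SUSPICIOUS_SETUP), ("clean", CLEAN_SETUP)):
        print(label, triage_setup_py(src) or ["no findings"])
```

Run against a package's sdist before it reaches a CI runner; any finding on the hooked commands warrants a manual read of setup.py rather than an install.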
Affected versions
Indicators
Timeline