MAL-2026-4262
Malicious code in solidity-build-guard (PyPI)
상세
--- _-= Per source details. Do not edit below this line.=-_
## Source: kam193 (2068b3e139d5ddfecb0d673c458ecf5c6c8e8554fd35efef184e81d99af63a99) During import, the package downloads a remote JS script that then exfiltrates environmental variables, dotenv files, cryptowallets data and other sensitive informations. It's part of a broader campaign across PyPI, NPM and Github.
---
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-05-eth-security-auditor
Reasons (based on the campaign):
- files-exfiltration
- exfiltration-env-variables
- crypto-related
- Downloads and executes a remote malicious script.
- exfiltration-crypto
- exfiltration-credentials
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
No fixed version published yet for solidity-build-guard (pip). Pin to a known-safe version or switch to an alternative.
참고
- https://github.com/ddjidd564 [WEB]
- https://github.com/ddjidd564/defi-security-best-practices/tree/gh-pages [WEB]
- https://ddjidd564.github.io/defi-security-best-practices/wallet-verify.py [WEB]
- https://github.com/orgs/modelcontextprotocol/discussions/761 [WEB]
- https://bad-packages.kam193.eu/pypi/package/solidity-build-guard [WEB]