MAL-2026-5337
Malicious code in solana-web3 (PyPI)
Details
--- _-= Per source details. Do not edit below this line.=-_
## Source: amazon-inspector (4967ebad2d1f4f5802ef50f1d399c05c4dfab94a208079695570b15ffef0fdd2)

On import, solana-web3/__init__.py executes a credential-stealer payload. After a sandbox-evasion gate (checks for a 12-hex Docker hostname, /.dockerenv, and the presence of `strace`, to skip analysis environments), `_collect()` reads installer-side secrets: ~/.ssh/id_rsa, ~/.ssh/id_ed25519, ~/.aws/credentials, Solana keypairs at ~/.config/solana/id.json and ~/.solana/id.json, .env files in the current and parent directories as well as /app/.env and /root/.env, and bulk-scrapes os.environ for any variable name containing KEY/SECRET/MNEMONIC/PRIVATE/TOKEN/PASSWORD/AWS/NPM/GITHUB/SOLANA. The harvested data is POSTed to https://api.telegram.org/bot<redacted>/sendMessage using a hardcoded bot token and chat_id 8346336575. `_persist()` then writes `@reboot sleep 90 && python3 <__file__>` into /tmp/.psync and merges it into the user's crontab so the stealer re-runs on every reboot, even after the package is uninstalled. The package name impersonates the well-known @solana/web3.js Solana SDK and advertises itself as a 'Community-maintained Solana Python SDK', but ships no SDK functionality — only the stealer. METADATA lists UNKNOWN homepage/license and a generic 'Solana Dev Community' author.
## Source: kam193 (91c09b86579a07d271d3bcd57adf5b5b161e49e36c3bd7af09c50dd8127aa54f)

During import, the package exfiltrates sensitive data (credentials, SSH keys, crypto-wallet data). It also establishes persistence via a cron job.
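As an added defender-side example (not part of this advisory or of either source's tooling): a triage script that flags the crontab persistence entry and the source-level indicators described above. The import-package directory name pattern `solana*web3*`, the sample site-packages path and the sample crontab are assumptions constructed for illustration.

```python
"""Defender-side triage for the solana-web3 stealer described in this advisory.
Sample inputs below are constructed for illustration, not captured data."""
import re
from pathlib import Path

# Strings the advisory attributes to the payload; any hit warrants review.
SOURCE_INDICATORS = ["api.telegram.org/bot", "/.dockerenv", "/tmp/.psync",
                     "crontab", ".ssh/id_rsa", ".config/solana/id.json"]

# The persistence entry: "@reboot sleep 90 && python3 <__file__>".
REBOOT_RE = re.compile(r"^@reboot\s+sleep\s+\d+\s*&&\s*python3\s+(\S+)")


def suspicious_cron_lines(crontab_text: str) -> list[str]:
    """Return the scripts launched by @reboot entries shaped like the stealer's.

    Works on `crontab -l` output or on the dropped /tmp/.psync file.
    """
    hits = []
    for line in crontab_text.splitlines():
        m = REBOOT_RE.match(line.strip())
        if m:
            hits.append(m.group(1))
    return hits


def package_indicators(source_text: str) -> list[str]:
    """Return the advisory indicators present in a package's source text."""
    return [s for s in SOURCE_INDICATORS if s in source_text]


def scan_site_packages(root: Path) -> dict[str, list[str]]:
    """Check each solana*web3*/__init__.py under root (dir name is assumed)."""
    findings = {}
    for init in root.glob("solana*web3*/__init__.py"):
        hits = package_indicators(init.read_text(errors="ignore"))
        if hits:
            findings[str(init)] = hits
    return findings


# Constructed sample crontab: one benign job plus one matching the advisory.
SAMPLE_CRONTAB = """\
0 3 * * * /usr/local/bin/backup.sh
@reboot sleep 90 && python3 /home/dev/.venv/lib/python3.11/site-packages/solana_web3/__init__.py
"""

if __name__ == "__main__":
    print(suspicious_cron_lines(SAMPLE_CRONTAB))
```

Run `suspicious_cron_lines` over both `crontab -l` output and /tmp/.psync, since the advisory notes the cron entry survives uninstalling the package.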
---
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-06-spl-token-py
Reasons (based on the campaign):
- crypto-related
- typosquatting
- exfiltration-ssh-keys
- exfiltration-credentials
- exfiltration-crypto
- exfiltration-env-variables
- persistence
- uses-telegram-bot
- The package contains code to detect if it is running in a sandbox environment.
Affected packages
No fixed version published yet for solana-web3 (pip). Pin to a known-safe version or switch to an alternative.