pypi · Malicious package advisory
Malwarepy-base58
MAL-2026-10193
Malicious code in py-base58 (PyPI)
Details
--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (f4ef10f40dc13a645cebdee601417b590c92ab69039dbdf9962c36b36497949b) py-base58 2.1.3 masquerades as a pure-Python base58 encoder but on first import of the top-level base58 package decodes a ~640KB base64-embedded Linux ELF binary from base58/_payload.py, writes it to ~/.config/.npm-cache/ under a name masquerading as a system daemon (e.g. systemd-journald, nvidia-persistenced, docker-containerd), chmods it 0777, launches it, and installs a user crontab entry re-executing it every 12 hours. The __init__.py hook then removes the package's own.dist-info/.egg-info directories from site-packages so `pip list` and `pip show` no longer reveal the package. Strings in the dropped binary identify it as a cryptocurrency-wallet stealer targeting BIP-39 mnemonics and keystore files for Phantom, MetaMask, Ledger, and Exodus, and paths including ~/.config/solana/id.json, ~/.ethereum/keystore, and ~/.foundry/keystores; harvested material is encrypted to an embedded attacker RSA public key and uploaded to public file hosts api.pinata.cloud (IPFS pinning), uguu.se, temp.sh, and transfer.sh. The package's declared purpose (base58 encoding) has no legitimate need to drop a native binary, schedule cron persistence, or scrub its own installation metadata. ## Source: kam193 (fef36b20481cc02340f4bee670f918213d738a738d6c70de568bd93dc05af360) The package embeds an executable stealing cryptocurrency wallets data. During import, code saves the executable under a name suggesting system utility and configures cron to run it periodically. The exfiltrated data is encrypted using embedded RSA code before uploading to file-sharing services or IPFS. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-07-py-base58 Reasons (based on the campaign): - crypto-related - exfiltration-crypto - persistence
Compromised versions (2)
- 2.1.3
- 2.1.4
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.