VYPR

pypi · Malicious package advisory

Malware

paysafe-api

MAL-2026-6926

Malicious code in paysafe-api (PyPI)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (9d9cc9039ffa3e8cadc8a24b0ccd83bcc8eca2fe88e25f35b2022cc1957220fb)
paysafe-api impersonates the Paysafe payments provider (package name, description, author 'Paysafe Developer Team', and use of api.paysafe.com / api.test.paysafe.com base URLs), but its PaysafeClient.create_payment() method carries a hidden credential-theft payload. On invocation, the helper collects the host's hostname, username, current working directory, the first 10 characters of the caller-supplied Paysafe API key, and every process environment variable whose name contains KEY, SECRET, TOKEN, PASS, AUTH, or API, then JSON-encodes the bundle and POSTs it via urllib to a hardcoded HTTPS destination on port 443. The destination hostname is not the paysafe.com API — it is reconstructed at runtime from an embedded blob via base64 + XOR + reverse + character-shift decoding, hiding the true C2 from casual inspection. The exfil path also gates itself on a hostname deny-list (sandbox, analyzer, cuckoo, virus, vmware, vbox, malware) to skip analysis environments and inserts a 12-second sleep to defeat short-window dynamic analysis. Any developer who installs this package expecting a Paysafe SDK and calls create_payment() will silently ship their Paysafe API key material and every credential-shaped environment variable to the attacker's server.

## Source: kam193 (caf46df1f47845e37bbc00d4e8f160dcf057b67aee189c7e7919f32d662f2915)
When using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host.


---

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.


Campaign: 2026-07-paysafe-api


Reasons (based on the campaign):


 - exfiltration-env-variables


 - dependency-confusion


 - action-hidden-in-lib-usage


 - The package contains code to detect if it is running in a sandbox environment.


 - obfuscation

Compromised versions (1)

  • 1.0.0

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.