pypi

dstill @0.3.0

Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC

Malicious

OSV ID

MAL-2026-5345

Ecosystem

pypi

Summary

On import of spaysdata, __init__.py invokes main_entry(), which executes a multi-stage Windows infostealer with no relation to the package's advertised purpose (a 'Roblox DataStore' library). Behaviors:

(1) Reads %USERPROFILE%\AppData\Local\Roblox\LocalStorage\robloxcookies.dat, decrypts it via CryptUnprotectData, and POSTs the plaintext cookies to a hardcoded Discord webhook (discord.com/api/webhooks/1513807955340820602/...) and a Google Apps Script endpoint (script.google.com/macros/s/AKfycbwa8sLEdsG_leFVecuc.../exec).

(2) Kills Discord processes via taskkill /f /im Discord.exe, then enumerates Discord/Discord Canary/PTB/Lightcord and ~20 Chromium browsers (Chrome, Edge, Brave, Yandex, Opera, Vivaldi,...) plus Firefox profiles, AES-GCM-decrypts tokens with each browser's DPAPI master key, validates them against the Discord API, and exfiltrates working tokens to the same endpoints.

(3) Installs persistence by copying itself to %LOCALAPPDATA%\MicrosoftSecurityWorker\WindowsSecurity.{pyw,exe}, registers that directory as a Windows Defender ExclusionPath via PowerShell Add-MpPreference, and creates a schtasks /sc onlogon /rl highest task named 'WindowsSecurityUpdate' to run at every logon.

The Microsoft-lookalike paths and names are explicit AV evasion. Russian/Ukrainian comments in the source acknowledge the stealth and anti-AV intent. The pyproject description in Russian ('Библиотека для работы с DataStore в Roblox', meaning 'Library for working with DataStore in Roblox') is a lure targeting Roblox developers.

Source: amazon-inspector (698645f1cbbe41dbe7b65f3cf373ed38f59cb59ca9cc0bb25bd9d175114f1762)
