{"id":"MAL-2023-1273","summary":"Malicious code in proton-account (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: ossf-package-analysis (edfb8318aed91ce8eb51e269ae47766d501e4e03c1b95f4327570493b4b1379c)\nThe OpenSSF Package Analysis project identified 'proton-account' @ 99.99.999 (npm) as malicious.\n\nIt is considered malicious because:\n- The package communicates with a domain associated with malicious activity.\n","aliases":["SNYK-JS-PROTONACCOUNT-3326385"],"modified":"2026-07-09T09:33:01.848123616Z","published":"2023-05-02T06:41:45Z","database_specific":{"malicious-packages-origins":[{"versions":["99.99.999"],"source":"ossf-package-analysis","sha256":"edfb8318aed91ce8eb51e269ae47766d501e4e03c1b95f4327570493b4b1379c","import_time":"2023-08-10T06:15:31.2763651Z","modified_time":"2023-05-02T06:41:45.818958635Z"},{"modified_time":"2026-07-07T13:05:21Z","versions":["99.99.99","99.99.999","99.99.9999"],"source":"reversing-labs","sha256":"a3906f02579ee568a2dcd6f465246219fcae1864ff7fa0ad33cd80f1e0a74c4f","import_time":"2026-07-09T09:16:44.009482818Z","id":"RLMA-2026-05235"}]},"references":[{"type":"ADVISORY","url":"https://security.snyk.io/vuln/SNYK-JS-PROTONACCOUNT-3326385"}],"affected":[{"package":{"name":"proton-account","ecosystem":"npm","purl":"pkg:npm/proton-account"},"versions":["99.99.999","99.99.99","99.99.9999"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/proton-account/MAL-2023-1273.json"}}],"schema_version":"1.7.5","credits":[{"name":"OpenSSF: Package Analysis","contact":["https://github.com/ossf/package-analysis","https://openssf.slack.com/channels/package_analysis"],"type":"FINDER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}