{"id":"MAL-2024-11712","summary":"Malicious code in spider-ai (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (aaeb144e288d0288f6013d64f0e9e57164e5c3eded3924fd2282577b59c28f1a)\nEvery time the user sends a message to the AI, the user IP, message as well as the response are exfiltrated to a hardcoded Telegram channel. This behaviour is not mentioned in the package description. Instead, the description lures with the offer of advanced features.\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2024-09-spider-ai\n\n\nReasons (based on the campaign):\n\n\n - exfiltration-generic\n\n\n - A Telegram webhook is used to send collected data.\n\n\n - action-hidden-in-lib-usage\n","modified":"2026-03-19T12:57:02.113303Z","published":"2024-10-02T09:16:00Z","database_specific":{"malicious-packages-origins":[{"versions":["0.1","0.2","0.3"],"modified_time":"2024-12-09T06:51:12Z","id":"RLMA-2024-11170","import_time":"2024-12-09T14:38:49.350728416Z","sha256":"b6044e2088bfccda6a25000a9147c5ee04bdc85b41f6892dffd21d4712a52c9a","source":"reversing-labs"},{"modified_time":"2024-10-02T09:16:00Z","id":"pypi/2024-09-spider-ai/spider-ai","import_time":"2025-12-02T22:30:55.606633378Z","source":"kam193","sha256":"78594d424d08bb8ed6403dbf803ae8a366d7632b1b3e2f8c06ccd2b2a3fcd528","ranges":[{"events":[{"introduced":"0"}],"type":"ECOSYSTEM"}]},{"modified_time":"2024-10-02T09:16:00Z","id":"pypi/2024-09-spider-ai/spider-ai","import_time":"2025-12-02T23:07:18.64632273Z","source":"kam193","sha256":"aaeb144e288d0288f6013d64f0e9e57164e5c3eded3924fd2282577b59c28f1a","ranges":[{"events":[{"introduced":"0"}],"type":"ECOSYSTEM"}]},{"versions":["0.1","0.3","1.1","1.0","0.4"],"modified_time":"2024-10-02T09:16:00Z","id":"pypi/2024-09-spider-ai/spider-ai","import_time":"2025-12-10T21:38:57.836186941Z","sha256":"fdebde4ac8f6a4c71147ea096292f248a48ded6a1a0acb428ae7b2d6e6e0b6ec","source":"kam193"},{"versions"
:["0.1","0.3","0.4","1.0","1.1"],"modified_time":"2024-10-02T09:16:00Z","id":"pypi/2024-09-spider-ai/spider-ai","import_time":"2025-12-30T22:39:04.183346551Z","sha256":"285e152d1207273a83ab3dfe450adee76419556042defd9de2fd2ab48a5f5419","source":"kam193"},{"modified_time":"2026-03-18T12:18:59Z","id":"RLUA-2026-00775","import_time":"2026-03-19T12:20:29.282120511Z","sha256":"2c8810dd75efaab9b1c502941ae8b2ce5b66bcb1ad5a5cf45cd23fc2d561693c","source":"reversing-labs"}],"iocs":{"domains":["01d73592-4d64-43f7-b664-ecd679686756-00-30a5f50srzeko.janeway.replit.dev"]}},"references":[{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/spider-ai"}],"affected":[{"package":{"name":"spider-ai","ecosystem":"PyPI","purl":"pkg:pypi/spider-ai"},"versions":["0.1","0.2","0.3","1.1","1.0","0.4"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/spider-ai/MAL-2024-11712.json"}}],"schema_version":"1.7.5","credits":[{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"]},{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"REPORTER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}