{"id":"MAL-2024-12235","summary":"Malicious code in chunqiuwestj-pkg-westj137 (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (03ad250cd789424d92dd1351d15a218d3950be367950c4fc129cf866423a7b8e)\nInstalling the package or importing the module exfiltrates basic information about the host, and the package has no other purpose.\n\n\n---\n\nCategory: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.\n\n\nCampaign: GENERIC-standard-pypi-install-pentest\n\n\nReasons (based on the campaign):\n\n\n - The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.\n\n\n - The package overrides the install command in setup.py to execute malicious code during installation.\n","modified":"2025-12-12T20:33:21.968250Z","published":"2024-07-26T16:53:30Z","database_specific":{"malicious-packages-origins":[{"modified_time":"2024-07-26T16:53:30Z","id":"pypi/GENERIC-standard-pypi-install-pentest/chunqiuwestj-pkg-westj137","sha256":"0d7a8fc6ba1ad64f36c6e62ec17a1a85007b089841d7e8581b2175bfc7eac1ed","import_time":"2025-12-02T22:30:55.944286085Z","source":"kam193","ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]},{"modified_time":"2024-07-26T16:53:30Z","id":"pypi/GENERIC-standard-pypi-install-pentest/chunqiuwestj-pkg-westj137","sha256":"03ad250cd789424d92dd1351d15a218d3950be367950c4fc129cf866423a7b8e","import_time":"2025-12-02T23:07:19.134197117Z","source":"kam193","ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]},{"modified_time":"2024-07-26T16:53:30Z","id":"pypi/GENERIC-standard-pypi-install-pentest/chunqiuwestj-pkg-westj137","sha256":"fe3c7feab55eb5454322bf516a4656107b5f9020b163a3caa738fd05d342f60e","import_time":"2025-12-10T21:38:58.270889242Z","source":"kam193","versions":["0.3.0"]}]},"references":[{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/chunqiuwestj-pkg-westj137"}],"affected":[{"package":{"name":"chunqiuwestj-pkg-westj137","ecosystem":"PyPI","purl":"pkg:pypi/chunqiuwestj-pkg-westj137"},"versions":["0.3.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/chunqiuwestj-pkg-westj137/MAL-2024-12235.json"}}],"schema_version":"1.7.3","credits":[{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"]},{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"ANALYST"}]}