{"id":"MAL-2024-12261","summary":"Malicious code in easypydb (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (6bba8fa7c973e17898962b7fa6aebecdd0d9149b9e3a1f078bbc57f5e4bf7f0a)\nThe package is a wrapper around \"s1db\" package, which offers some kind of easy online database. However, this package silently exfiltrates credentials given by people and sends them to a Discord webhook, effectively allowing stealing data.\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2024-09-old-easypydb\n\n\nReasons (based on the campaign):\n\n\n - action-hidden-in-lib-usage\n\n\n - exfiltration-generic\n\n\n -\n","modified":"2025-12-12T20:39:28.392278Z","published":"2024-09-21T20:17:50Z","database_specific":{"malicious-packages-origins":[{"sha256":"177812f959194ceaf89be68acd4ee0f73f9edf00cc7c24e7748a323780e85f96","source":"kam193","id":"pypi/2024-09-old-easypydb/easypydb","modified_time":"2024-09-21T20:17:50Z","import_time":"2025-12-02T22:30:55.118849876Z","ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]},{"sha256":"6bba8fa7c973e17898962b7fa6aebecdd0d9149b9e3a1f078bbc57f5e4bf7f0a","source":"kam193","id":"pypi/2024-09-old-easypydb/easypydb","modified_time":"2024-09-21T20:17:50Z","import_time":"2025-12-02T23:07:18.130354997Z","ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]},{"sha256":"96f0ae7f9e01323cf16230e24267394394984c5cf3e188ed5499c86637bd0766","source":"kam193","id":"pypi/2024-09-old-easypydb/easypydb","modified_time":"2024-09-21T20:17:50Z","versions":["0.4.4"],"import_time":"2025-12-10T21:38:57.415535502Z"}],"iocs":{"urls":["https://discord.com/api/webhooks/846019171992862750/t3AJQZ-fE-TrUlnE5tMm1FFw9KrAIJ6MkaokcCz4YP8sRDwy9g9z8VSMdCeXwUF4UwUv"]}},"references":[{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/easypydb"}],"affected":[{"package":{"name":"easypydb","ecosystem":"PyPI","purl":"pkg:pypi/easypydb"},"versions":["0.4.4"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/easypydb/MAL-2024-12261.json"}}],"schema_version":"1.7.3","credits":[{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"]},{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"REPORTER"}]}