{"id":"MAL-2024-9965","summary":"Malicious code in crytic-compilers (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n","aliases":["SNYK-PYTHON-CRYTICCOMPILERS-7231128"],"modified":"2024-10-24T01:27:06.516032Z","published":"2024-10-16T14:39:08Z","database_specific":{"malicious-packages-origins":[{"versions":["0.3.7","0.3.8","0.3.9","0.3.10","0.3.11"],"source":"reversing-labs","sha256":"5501aee381b0752654d56e7e80b64b3d71a6ca2745ddc0b7fee87e4cf8a6eb82","import_time":"2024-10-24T00:56:55.154237072Z","modified_time":"2024-10-16T14:39:08Z","id":"RLMA-2024-08081"}]},"references":[{"type":"ADVISORY","url":"https://security.snyk.io/vuln/SNYK-PYTHON-CRYTICCOMPILERS-7231128"},{"type":"ARTICLE","url":"https://socket.dev/blog/trojan-embedded-in-crytic-compilers-python-package"},{"type":"WEB","url":"https://www.sonatype.com/blog/crytic-compilers-typosquats-known-crypto-library-drops-windows-trojan"},{"type":"ARTICLE","url":"https://thehackernews.com/2024/06/hackers-target-python-developers-with.html"}],"affected":[{"package":{"name":"crytic-compilers","ecosystem":"PyPI","purl":"pkg:pypi/crytic-compilers"},"versions":["0.3.7","0.3.8","0.3.9","0.3.10","0.3.11"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/crytic-compilers/MAL-2024-9965.json"}}],"schema_version":"1.7.3","credits":[{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}