{"id":"MAL-2025-192953","summary":"Malicious code in aiogram-types-v3 (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (f6ba04e944f1dfda1aaa2d571fa79cd8ce4074a106bae228e582473226810baf)\nDuring installation or importing the module, the package starts a reverse shell to hardcoded locatiom\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2025-12-aiogram-sever-patch\n\n\nReasons (based on the campaign):\n\n\n - The package contains code to create a reverse shell, allowing an attacker to execute any commands on the victim's machine.\n\n\n - The package overrides the install command in setup.py to execute malicious code during installation.\n\n\n - dependency-confusion\n","modified":"2025-12-31T02:52:07.205469Z","published":"2025-12-28T01:44:36Z","database_specific":{"malicious-packages-origins":[{"versions":["3.0.1"],"id":"pypi/2025-12-aiogram-sever-patch/aiogram-types-v3","import_time":"2025-12-28T02:51:24.382598089Z","modified_time":"2025-12-28T01:44:36.367779Z","source":"kam193","sha256":"f6ba04e944f1dfda1aaa2d571fa79cd8ce4074a106bae228e582473226810baf"},{"versions":["3.0.1","3.0.2","3.0.5","3.1.0","3.1.5"],"id":"pypi/2025-12-aiogram-sever-patch/aiogram-types-v3","import_time":"2025-12-28T18:09:33.818025525Z","modified_time":"2025-12-28T17:55:37.689964Z","source":"kam193","sha256":"316e41d7996fbbce00672b313f1b120a2f308f2bc8a53f6b19eb0bd2c1029ac0"},{"versions":["3.0.1","3.0.2","3.0.5","3.1.0","3.1.5","3.3.1","3.4.0"],"id":"pypi/2025-12-aiogram-sever-patch/aiogram-types-v3","import_time":"2025-12-28T19:06:12.246580866Z","modified_time":"2025-12-28T18:53:54.171152Z","source":"kam193","sha256":"87996549737c8dd370e796339a3c31956da3de177920cbd16ab77f5d5d68afa2"},{"versions":["3.0.1","3.0.2","3.0.5","3.1.0","3.1.5","3.3.1","3.4.0","3.9.7","3.2.0","4.2.0","5.9.8","3.9.8"],"id":"pypi/2025-12-aiogram-sever-patch/aiogram-types-v3","import_time":"2025-12-28T20:07:59.79231834Z","modified_time":"2025-12-28T19:40:03.129019Z","source":"kam193","sha256":"46554d260857f5bf6b1492bb29e90938ef28d557cef06c930d786a9a2ac0b0f9"},{"versions":["3.0.1","3.0.2","3.0.5","3.1.0","3.1.5","3.2.0","3.3.1","3.4.0","3.9.7","3.9.8","4.2.0","5.9.8"],"id":"pypi/2025-12-aiogram-sever-patch/aiogram-types-v3","import_time":"2025-12-30T22:39:04.0268838Z","modified_time":"2025-12-28T19:40:03.129019Z","source":"kam193","sha256":"04bd21d6e982435e70b39fb6145124326fb660b89a91364ac51a225bfbf5a187"}],"iocs":{"ips":["147.45.124.42"]}},"references":[{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/aiogram-types-v3"}],"affected":[{"package":{"name":"aiogram-types-v3","ecosystem":"PyPI","purl":"pkg:pypi/aiogram-types-v3"},"versions":["3.0.1","3.0.2","3.0.5","3.1.0","3.1.5","3.3.1","3.4.0","3.9.7","3.2.0","4.2.0","5.9.8","3.9.8"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/aiogram-types-v3/MAL-2025-192953.json"}}],"schema_version":"1.7.3","credits":[{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"REPORTER"}]}