{"id":"MAL-2025-3469","summary":"Malicious code in sccket (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (5a4f6b8eead6d682b7462da07822a284425fa81c17b9493dd8702ba6a8e5fbb7)\nRunning the module will exfiltrate files from the current directory\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2025-03-randomwifi\n\n\nReasons (based on the campaign):\n\n\n - files-exfiltration\n\n\n - typosquatting\n","modified":"2026-03-19T12:56:55.102476Z","published":"2025-03-31T12:54:29Z","database_specific":{"malicious-packages-origins":[{"import_time":"2025-04-25T09:36:48.378515188Z","sha256":"29a9a863c597f4d01aea243a9cc2ebd5db87885ecc9862fc0fd6f6d939f84ca8","modified_time":"2025-04-23T16:06:40Z","id":"RLMA-2025-02533","versions":["3.8.5.1"],"source":"reversing-labs"},{"import_time":"2025-12-02T22:30:55.562973462Z","sha256":"7558cc14dded9c7f64761cd8ed338732146e6b61ddd3b71c968d2e6377a0d98f","ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"modified_time":"2025-03-31T12:54:29Z","id":"pypi/2025-03-randomwifi/sccket","source":"kam193"},{"import_time":"2025-12-02T23:07:18.605313748Z","sha256":"5a4f6b8eead6d682b7462da07822a284425fa81c17b9493dd8702ba6a8e5fbb7","ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"modified_time":"2025-03-31T12:54:29Z","id":"pypi/2025-03-randomwifi/sccket","source":"kam193"},{"import_time":"2025-12-10T21:38:57.807880232Z","sha256":"9c7237e454f177da0144ef00ff3861b1fe63c349927f9beb8bbe1f929b441790","modified_time":"2025-03-31T12:54:29Z","id":"pypi/2025-03-randomwifi/sccket","versions":["3.8.5.1"],"source":"kam193"},{"import_time":"2026-03-19T12:20:26.460021036Z","sha256":"a1b968038107877a33903b39d4533fc7678966f178aab33176cf738d218b6d43","modified_time":"2026-03-18T12:18:39Z","id":"RLUA-2026-00746","source":"reversing-labs"}]},"references":[{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/sccket"}],"affected":[{"package":{"name":"sccket","ecosystem":"PyPI","purl":"pkg:pypi/sccket"},"versions":["3.8.5.1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/sccket/MAL-2025-3469.json"}}],"schema_version":"1.7.5","credits":[{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"]},{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"REPORTER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}