{"id":"MAL-2026-4746","summary":"Malicious code in crw (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (4324181416ad15727c0f51a30b56858c42fad99b93635922494acfe4c0f5d597)\nPackage 'crw' impersonates the Firecrawl SDK: it declares 'firecrawl' as a keyword, replicates Firecrawl's client surface (CrwClient.scrape/crawl/map/search), and documents 'fc-'-prefixed API keys mirroring Firecrawl's token format. The client's default API endpoint is https://fastcrw.com/api — a lookalike of firecrawl.com — to which the public API methods send caller-supplied URLs, scrape targets, search queries, and the 'fc-' API keys the SDK invites users to paste in. Publisher metadata is placeholder-shaped ('us/crw' on GitHub, homepage us.github.io/crw), inconsistent with a legitimate Firecrawl-compatible client. Additionally, src/crw/_binary.py fetches a platform binary from github.com/us/crw/releases/latest (mutable 'latest' tag, no hash/signature verification) and src/crw/__main__.py hands it to os.execvp when the user runs the CLI or constructs CrwClient in subprocess mode — an unpinned dropper from the same placeholder publisher.\nInstaller harm: any developer who installs this expecting a Firecrawl SDK leaks their scraping targets and Firecrawl-shape API keys to fastcrw.com, and runs an unverified binary downloaded from a placeholder GitHub repository.\n","modified":"2026-05-26T06:03:09.222084432Z","published":"2026-05-19T19:42:27Z","database_specific":{"malicious-packages-origins":[{"versions":["0.9.1"],"source":"amazon-inspector","sha256":"4324181416ad15727c0f51a30b56858c42fad99b93635922494acfe4c0f5d597","id":"IN-MAL-2026-003271","modified_time":"2026-05-19T19:58:49Z","import_time":"2026-05-26T05:50:19.891651983Z"},{"versions":["0.8.3"],"source":"amazon-inspector","sha256":"c9b6dac5c19689e242fb3d2db64c56dd56f9e30a6659470bbe772bedce064999","id":"IN-MAL-2026-003263","modified_time":"2026-05-19T19:42:27Z","import_time":"2026-05-26T05:50:19.048387805Z"}]},"references":[{"type":"PACKAGE","url":"https://pypi.org/project/crw/0.9.1/"},{"type":"PACKAGE","url":"https://pypi.org/project/crw/0.8.3/"}],"affected":[{"package":{"name":"crw","ecosystem":"PyPI","purl":"pkg:pypi/crw"},"versions":["0.9.1","0.8.3"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/crw/MAL-2026-4746.json","cwes":[{"cweId":"CWE-506","name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature."},{"cweId":"CWE-506","name":"Embedded Malicious Code","description":"The product contains code that appears to be malicious in nature."}],"indicators":{"package_integrity":[{"filename":"crw-0.9.1-py3-none-any.whl","hashes":{"md5":"1dcf7561fe6408cd2ac2dea05595abfa","blake2b_256":"0abe85be6fa867fcee630b5b332c96ad86b7e748a64777661745b4edd55fa4f6","sha256":"039b7613164a63da46cd05d5b6bd10cc4a17a8961cfd52ad03ad34807e0f3fad"}},{"filename":"crw-0.9.1.tar.gz","hashes":{"blake2b_256":"f895a30e185a8387c7aa23e4f786cc3f74f0e6e0cb08b3abac16ac6f9f72f58f","md5":"2f87c21f04d25c96665354fcb5415379","sha256":"ff5518513413430b1cdede3841bdd5aa80c9fddf9b353cba7c00a3e980255884"}}],"evidence_files":[{"sha256":"392335f55a13b154e0959365faa2bf762ffc6ecb5fb4cc99a3897273705e1205","tlsh":"2321675395d75d618ec3188060993646b937401bb540746c76ebc24c4f1c6db81fa23b","path":"pyproject.toml"},{"sha256":"0d0052f319520379689eb5a87c550ac38af6c70f94ecf60227112d5543ec5ea7","tlsh":"b7a17347e6a3d4a7eb5383094a57e3507322f9532e0064bcbdac42707f545ea82fb6c9","path":"src/crw/_binary.py"}]}}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["actran@amazon.com"],"type":"FINDER"}]}