{"id":"MAL-2024-11694","summary":"Malicious code in reverse434343 (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (9107d563a329f12fdff39bb22f6d6593f6d005d38f9738c2d3a78c94ee368262)\nThe package contains only a reverse shell started on installation\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2024-11-predic\n\n\nReasons (based on the campaign):\n\n\n - The package contains code to create a reverse shell, allowing an attacker to execute any commands on the victim's machine.\n","modified":"2026-03-19T13:00:55.161837Z","published":"2024-11-14T17:07:03Z","database_specific":{"malicious-packages-origins":[{"versions":["1.0.0"],"modified_time":"2024-12-09T06:51:03Z","id":"RLMA-2024-11152","import_time":"2024-12-09T14:38:48.563890058Z","source":"reversing-labs","sha256":"9f647003c4336c02a6dd642e047113515992496d9fb5aacf1f4caf135e37f572"},{"modified_time":"2024-11-14T17:07:03Z","id":"pypi/2024-11-predic/reverse434343","import_time":"2025-12-02T22:30:55.546212707Z","source":"kam193","sha256":"2e07988de8ac1793c1e2ede3bf518ddd9c0f65e6086a241c968cf3bbf6564f24","ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]},{"modified_time":"2024-11-14T17:07:03Z","id":"pypi/2024-11-predic/reverse434343","import_time":"2025-12-02T23:07:18.58522642Z","source":"kam193","sha256":"9107d563a329f12fdff39bb22f6d6593f6d005d38f9738c2d3a78c94ee368262","ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]},{"versions":["1.0.0"],"modified_time":"2024-11-14T17:07:03Z","id":"pypi/2024-11-predic/reverse434343","import_time":"2025-12-10T21:38:57.792874249Z","source":"kam193","sha256":"bdbb79596d089d99d6a67246fb7f651b54ef2b912c069d02e862250e0257579e"},{"modified_time":"2026-03-18T12:18:22Z","id":"RLUA-2026-00721","import_time":"2026-03-19T12:20:23.990727235Z","source":"reversing-labs","sha256":"057bd7e0d8383ace96b883d02648c55b6c8abc9f74e4a42b162d10a367a31315"}]},"references":[{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/reverse434343"}],"affected":[{"package":{"name":"reverse434343","ecosystem":"PyPI","purl":"pkg:pypi/reverse434343"},"versions":["1.0.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/reverse434343/MAL-2024-11694.json"}}],"schema_version":"1.7.5","credits":[{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"]},{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"REPORTER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}