MAL-2024-12366
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/ttat-api/MAL-2024-12366.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2024-12366
- Published
- 2024-08-22T22:25:03Z
- Modified
- 2025-12-12T20:43:39.147855Z
- Summary
- Malicious code in ttat-api (PyPI)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: kam193 (171a49cab7c7b9f2c358c0e14882706dcd80cde089799698400155ee26240e80)
Collects basic information about the system, most probably a pentest or bug bounty.
Category: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.
Campaign: 2024-08-byted-22.ax
Reasons (based on the campaign):
- The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.
- Database specific
{ "iocs": { "domains": [ "zkecscnceogkcofvfnoqhyc1gg3hf6aqe.22.ax" ] }, "malicious-packages-origins": [ { "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" } ] } ], "id": "pypi/2024-08-byted-22.ax/ttat-api", "sha256": "6918ae314f1bdf20816d2da5f44532bbabc21ca5f698a6119c9878c20d309504", "source": "kam193", "modified_time": "2024-08-22T22:25:03Z", "import_time": "2025-12-02T22:30:56.478095228Z" }, { "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" } ] } ], "id": "pypi/2024-08-byted-22.ax/ttat-api", "sha256": "171a49cab7c7b9f2c358c0e14882706dcd80cde089799698400155ee26240e80", "source": "kam193", "modified_time": "2024-08-22T22:25:03Z", "import_time": "2025-12-02T23:07:19.65835156Z" }, { "id": "pypi/2024-08-byted-22.ax/ttat-api", "sha256": "d30358e52cc6bf4156b509a01d73b5977b953cf60bcbb43a219f9d2ba13b40f6", "source": "kam193", "versions": [ "1.0.5" ], "modified_time": "2024-08-22T22:25:03Z", "import_time": "2025-12-10T21:38:58.755051963Z" } ] }- References
- Credits
-
-
- Kamil Mańkowski (kam193)
-
- Kamil Mańkowski (kam193) - ANALYST
-
Affected packages
PyPI / ttat-api
Package
- Name
- ttat-api
- View open source insights on deps.dev
- Purl
- pkg:pypi/ttat-api