MAL-2024-4454

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/nuget/crypto.exchange/MAL-2024-4454.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2024-4454

Published

2024-06-25T13:28:55Z

Modified

2024-10-24T01:01:57Z

Summary

Malicious code in Crypto.Exchange (NuGet)

Details

-= Per source details. Do not edit below this line.=-

Database specific

{
    "malicious-packages-origins": [
        {
            "sha256": "9f042da3a302a2e9d8e5a5f11b1132a859f74b3f63cc74c6e9fb7624097400e7",
            "import_time": "2024-06-28T02:47:40.442925012Z",
            "source": "reversing-labs",
            "modified_time": "2024-06-25T13:28:55Z",
            "id": "RLMA-2024-03247",
            "versions": [
                "1.2.53",
                "1.2.39",
                "1.2.52",
                "1.2.5",
                "1.2.25",
                "1.2.26",
                "1.2.1",
                "1.2.51",
                "6.2.2",
                "1.2.54",
                "1.2.33",
                "1.2.18",
                "1.2.9",
                "1.2.21",
                "6.3.5",
                "1.2.34",
                "1.2.38",
                "1.2.8",
                "1.2.28",
                "1.2.32",
                "6.3.4",
                "1.2.36",
                "1.2.46",
                "1.2.17",
                "1.2.43",
                "1.2.15",
                "6.2.4",
                "1.2.11",
                "1.2.4",
                "1.2.37",
                "1.2.3",
                "1.2.49",
                "1.2.22",
                "1.2.44",
                "1.2.23",
                "1.2.6",
                "1.2.20",
                "1.2.13",
                "1.2.35",
                "1.2.48",
                "1.2.56",
                "1.2.45",
                "1.2.7",
                "1.2.24",
                "6.2.1",
                "1.2.30",
                "1.2.41",
                "1.2.29",
                "1.2.42",
                "1.2.55",
                "1.2.19",
                "1.2.47",
                "1.2.27",
                "1.2.50",
                "1.2.31",
                "1.2.12",
                "1.2.16",
                "1.2.40",
                "1.2.10",
                "1.2.2",
                "1.2.14"
            ]
        },
        {
            "sha256": "0d860bf186fddaa1d550145c408c3c2ee38c5f5d3421a0aa46efd6c5d176bd76",
            "import_time": "2024-10-24T00:58:36.972095607Z",
            "source": "reversing-labs",
            "modified_time": "2024-10-16T13:47:45Z",
            "id": "RLUA-2024-07658"
        }
    ]
}

References

https://www.reversinglabs.com/blog/malicious-nuget-campaign-uses-homoglyphs-and-il-weaving-to-fool-devs

Credits

- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

NuGet / Crypto.Exchange

Package

Name: Crypto.Exchange; View open source insights on deps.dev
Purl: pkg:nuget/Crypto.Exchange

Affected ranges

Affected versions

1.*

1.2.1

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.2.7

1.2.8

1.2.9

1.2.10

1.2.11

1.2.12

1.2.13

1.2.14

1.2.15

1.2.16

1.2.17

1.2.18

1.2.19

1.2.20

1.2.21

1.2.22

1.2.23

1.2.24

1.2.25

1.2.26

1.2.27

1.2.28

1.2.29

1.2.30

1.2.31

1.2.32

1.2.33

1.2.34

1.2.35

1.2.36

1.2.37

1.2.38

1.2.39

1.2.40

1.2.41

1.2.42

1.2.43

1.2.44

1.2.45

1.2.46

1.2.47

1.2.48

1.2.49

1.2.50

1.2.51

1.2.52

1.2.53

1.2.54

1.2.55

1.2.56

6.*

6.2.1

6.2.2

6.2.4

6.3.4

6.3.5