MAL-2024-9952

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/browser-cookies3/MAL-2024-9952.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2024-9952
Aliases
  • SNYK-PYTHON-BROWSERCOOKIES3-8185018
Published
2024-09-06T12:16:03Z
Modified
2026-03-19T12:51:23.812414Z
Summary
Malicious code in browser-cookies3 (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: kam193 (ac253e47b0fa143074f6239c3c84b3ecd3521d37f71c4f92937f53cafc5067b5)

Package contains a compiled infostealer that is started instead of promised functionality


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2024-08-dirutils

Reasons (based on the campaign):

  • infostealer

    -

Database specific
{
    "malicious-packages-origins": [
        {
            "versions": [
                "1.1"
            ],
            "sha256": "1fd16f1c8b35abebeb1e90e2f461276f7b43d5e79d3eda77a51cb7c40f3115d3",
            "modified_time": "2024-10-16T14:37:09Z",
            "source": "reversing-labs",
            "id": "RLMA-2024-07894",
            "import_time": "2024-10-24T00:56:54.155450221Z"
        },
        {
            "sha256": "8ec9f52bcc3a58243396d77c8396cb930e08c25523c8b78dea7c68a2307f6651",
            "modified_time": "2025-03-03T13:44:43Z",
            "source": "reversing-labs",
            "id": "RLUA-2025-01204",
            "import_time": "2025-03-03T15:07:33.852544162Z"
        },
        {
            "sha256": "4529ee7157c7665fecc2f4b527ed7f938377f6599c082e8c3fe86593dc37afff",
            "ranges": [
                {
                    "events": [
                        {
                            "introduced": "0"
                        }
                    ],
                    "type": "ECOSYSTEM"
                }
            ],
            "modified_time": "2024-09-06T12:16:03Z",
            "source": "kam193",
            "id": "pypi/2024-08-dirutils/browser-cookies3",
            "import_time": "2025-12-02T22:30:55.007185244Z"
        },
        {
            "sha256": "ac253e47b0fa143074f6239c3c84b3ecd3521d37f71c4f92937f53cafc5067b5",
            "ranges": [
                {
                    "events": [
                        {
                            "introduced": "0"
                        }
                    ],
                    "type": "ECOSYSTEM"
                }
            ],
            "modified_time": "2024-09-06T12:16:03Z",
            "source": "kam193",
            "id": "pypi/2024-08-dirutils/browser-cookies3",
            "import_time": "2025-12-02T23:07:18.033710261Z"
        },
        {
            "versions": [
                "1.1"
            ],
            "sha256": "6aa5796d9bc82229c0f0364579db2d44619ec9869ed1e665d1cb9692112808db",
            "modified_time": "2024-09-06T12:16:03Z",
            "source": "kam193",
            "id": "pypi/2024-08-dirutils/browser-cookies3",
            "import_time": "2025-12-10T21:38:57.327189739Z"
        },
        {
            "sha256": "1e558f0477c72bd84d2c0899491448bef0c2df923689840e2a9993e96842010f",
            "modified_time": "2026-03-18T12:12:02Z",
            "source": "reversing-labs",
            "id": "RLUA-2026-00157",
            "import_time": "2026-03-19T12:19:30.400122717Z"
        }
    ],
    "iocs": {
        "urls": [
            "https://discord.com/api/webhooks/1280529043107614733/woxM-qRJ5KY4nkCILD9TFi0VuJwN-ewQ52ZqbAoeLMaYxfP7hRUErYIMusugirIWB42D",
            "https://discordapp.com/api/webhooks/1284874320556064859/IRz_BFstxKu2-8cHHoF5xEXV4QYYQXkOAI8RwZJ317fJQGRxtbcPcYBeEnwv4dNM9NbZ"
        ]
    }
}
References
Credits

Affected packages

PyPI / browser-cookies3

Package

Name
browser-cookies3
View open source insights on deps.dev
Purl
pkg:pypi/browser-cookies3

Affected ranges

Affected versions

1.*
1.1

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/browser-cookies3/MAL-2024-9952.json"