MAL-2025-3469

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/sccket/MAL-2025-3469.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-3469
Published
2025-03-31T12:54:29Z
Modified
2026-03-19T12:56:55.102476Z
Summary
Malicious code in sccket (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: kam193 (5a4f6b8eead6d682b7462da07822a284425fa81c17b9493dd8702ba6a8e5fbb7)

Running the module will exfiltrate files from the current directory


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2025-03-randomwifi

Reasons (based on the campaign):

  • files-exfiltration

  • typosquatting

Database specific
{
    "malicious-packages-origins": [
        {
            "versions": [
                "3.8.5.1"
            ],
            "id": "RLMA-2025-02533",
            "modified_time": "2025-04-23T16:06:40Z",
            "import_time": "2025-04-25T09:36:48.378515188Z",
            "sha256": "29a9a863c597f4d01aea243a9cc2ebd5db87885ecc9862fc0fd6f6d939f84ca8",
            "source": "reversing-labs"
        },
        {
            "id": "pypi/2025-03-randomwifi/sccket",
            "modified_time": "2025-03-31T12:54:29Z",
            "import_time": "2025-12-02T22:30:55.562973462Z",
            "sha256": "7558cc14dded9c7f64761cd8ed338732146e6b61ddd3b71c968d2e6377a0d98f",
            "ranges": [
                {
                    "type": "ECOSYSTEM",
                    "events": [
                        {
                            "introduced": "0"
                        }
                    ]
                }
            ],
            "source": "kam193"
        },
        {
            "id": "pypi/2025-03-randomwifi/sccket",
            "modified_time": "2025-03-31T12:54:29Z",
            "import_time": "2025-12-02T23:07:18.605313748Z",
            "sha256": "5a4f6b8eead6d682b7462da07822a284425fa81c17b9493dd8702ba6a8e5fbb7",
            "ranges": [
                {
                    "type": "ECOSYSTEM",
                    "events": [
                        {
                            "introduced": "0"
                        }
                    ]
                }
            ],
            "source": "kam193"
        },
        {
            "versions": [
                "3.8.5.1"
            ],
            "id": "pypi/2025-03-randomwifi/sccket",
            "modified_time": "2025-03-31T12:54:29Z",
            "import_time": "2025-12-10T21:38:57.807880232Z",
            "sha256": "9c7237e454f177da0144ef00ff3861b1fe63c349927f9beb8bbe1f929b441790",
            "source": "kam193"
        },
        {
            "id": "RLUA-2026-00746",
            "modified_time": "2026-03-18T12:18:39Z",
            "import_time": "2026-03-19T12:20:26.460021036Z",
            "sha256": "a1b968038107877a33903b39d4533fc7678966f178aab33176cf738d218b6d43",
            "source": "reversing-labs"
        }
    ]
}
References
Credits

Affected packages

PyPI / sccket

Package

Affected ranges

Affected versions

3.*
3.8.5.1

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/sccket/MAL-2025-3469.json"