MAL-2024-5077
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/discorder/MAL-2024-5077.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MAL-2024-5077
- Aliases
-
- SNYK-PYTHON-DISCORDER-3262852
- Published
- 2024-06-25T13:34:54Z
- Modified
- 2024-10-24T01:01:58Z
- Summary
- Malicious code in discorder (PyPI)
- Details
-
-= Per source details. Do not edit below this line.=-
- Database specific
{ "malicious-packages-origins": [ { "sha256": "d2be8e639dd2a63ef9a9b4b28b51d034fe84e77494cf61df444643fa59e8244f", "import_time": "2024-06-28T02:48:51.399744099Z", "versions": [ "2.8" ], "id": "RLMA-2024-03857", "source": "reversing-labs", "modified_time": "2024-06-25T13:34:54Z" }, { "sha256": "8c7f97ff77cddb2ae19d6f1e480700acd8e586d7eea02b432375687a1dab6766", "import_time": "2024-10-24T00:59:07.892711459Z", "id": "RLUA-2024-08155", "source": "reversing-labs", "modified_time": "2024-10-16T14:39:54Z" } ] }- References
-
- https://blog.phylum.io/a-deep-dive-into-powerat-a-newly-discovered-stealer-rat-combo-polluting-pypi/
- https://security.snyk.io/vuln/SNYK-PYTHON-DISCORDER-3262852
- https://www.bleepingcomputer.com/news/security/malicious-pypi-packages-create-cloudflare-tunnels-to-bypass-firewalls
- https://research.jfrog.com/malicious-packages/
- Credits
-
-
- ReversingLabs - FINDER
-
Affected packages
PyPI / discorder
Package
- Name
- discorder
- View open source insights on deps.dev
- Purl
- pkg:pypi/discorder