Highly suspicious campaigns¶
Packages that are likely malicious, but due to the obfuscation level, lack of time or clear indicators it's hard to say what exactly they do; the highest risk of false positives.
Campaigns in the category¶
HIGHLY_SUSPICIOUS¶
- 2024-10-devilninja
- 2024-10-old-mlinstrumentation
- 2024-10-old-nioshell
- 2024-11-fast-dler
- 2024-11-pc-metrics-collector
- 2024-11-rkpairip
- 2024-11-taoreg
- 2024-11-unzipxz
- 2024-12-fhetalib
- 2024-12-tonki
- 2024-12-txtstorage
- 2025-01-Sajode
- 2025-01-denisemyname9
- 2025-01-uniapi
- 2025-02-pydantickits
- 2025-02-server-operator
- 2025-03- khuangxt
- 2025-03-spotek
- 2025-04-blackspammerbd-vx1
- 2025-04-kql
- 2025-04-norsodikin
- 2025-04-pocinfo
- 2025-05-EmbedUtils
- 2025-05-invoke-agent
- 2025-05-keybard
- 2025-06-akamai-packages
- 2025-06-dcrb
- 2025-06-encryptionyg
- 2025-06-exorigsim
- 2025-06-phishermanx
- 2025-06-tk-async
- 2025-07-aminobot
- 2025-07-cas-base
- 2025-07-devkek
- 2025-07-nexlang
- 2025-07-reade
- 2025-07-telemaster
- 2025-08-ai-mesh-sdk
- 2025-08-ipfind-microtip
- 2025-08-payloop
- 2025-08-rsacracker
- 2025-08-tpcti
- 2025-09-9a2jkf2
- 2025-09-instaweb
- 2025-10-requestet-loader
- 2025-10-sicksec-mcp
- 2025-10-starexx
- 2025-11-BLACK-ZER-0
- 2025-11-closelove
- 2025-11-stcchecker
- 2025-11-tiktok-afriton
- 2025-11-wallet-tracking
- 2025-12-aicloudforge
- 2025-12-google-api-canary-service
- 2025-12-suficloud
- 2026-01-aintect
- 2026-01-moti
- 2026-01-old-web3http
- 2026-01-pc-health-check
- 2026-01-t402
- 2026-02-claude-code-plugins-v1
- 2026-02-flycalc
- 2026-02-iploop
- 2026-02-purpleflea
- GENERIC-highly-suspicious-obfuscation
- GENERIC-other-risky
- GENERIC-research-only-local