Skip to content

MALICIOUS (1) package from Python Package Index.

  1. The campaign has clearly malicious intent, like infostealers.

openclaw-agent

Affected versions: (1) 1.0.3

  1. Version numbers are usually added automatically. In most cases, the packages listed here were created only to distribute malicious code.

Campaign data

Campaign information may not always be 100% accurate for every related package.

Campaign description

The package is intended to create a backdoor and steal sensitive data, but the analyzed code did not finally exfiltrate the content of sensitive files.

See more details on the campaign page.

backdoor

Campaign targets backdoor.

crypto-related

Malicious activity is related to cryptocurrencies or blockchain, e.g. stealing crypto wallets.

exfiltration_generic

Campaign targets exfiltration_generic.

impersonation

Campaign targets impersonation.

override_install

The package overrides the install command in setup.py to execute malicious code during installation.

peristence_autorun

Campaign targets peristence_autorun.

persistence

Campaign targets persistence.

Look up in other services

  1. May not be available. See more in pypi-json-data repository.
  2. Open Source Insights project, provided by Google.
  3. Service from Socket.dev, a cybersecurity company.
  4. Spectra Assure Community, a service from ReversingLabs, a cybersecurity company.
  5. Service from Snyk, a cybersecurity company.