Malicious package

bibit (PyPI)

Malicious code in bibit (PyPI) Remove it immediately and rotate any exposed credentials.

MAL-2024-11535
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
pip uninstall bibit

What this malware does

When the module is run, this package attempts, depending on the version, to exfiltrate user files, a screenshot, or crypto wallet data (8.1.4).

Later continued under different package names.

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2024-09-bitbit

Reasons (based on the campaign):

  • files-exfiltration

  • crypto-related

Malicious versions

3 flagged
8.1.4, 8.1.5, 8.1.9

Indicators of compromise (SHA-256)


Detection & response playbook

Credential / info stealer
  1. Find it

    Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for bibit (3 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging bibit across your stack and pipelines.

  2. If you installed it — respond

    bibit is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

  3. Did it already run?

    If bibit was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

  4. How O3 protects you

    O3 blocks bibit before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.
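As an added illustration of step 1 (this is not O3's scanner and not code from the advisory), the following Python locates bibit at the three flagged versions in a requirements.txt and a poetry.lock, and checks the running interpreter's installed metadata; the sample manifest contents are constructed.

```python
"""Locate bibit (MAL-2024-11535) in manifests and in the running environment."""
import re
from importlib import metadata

PACKAGE = "bibit"
FLAGGED_VERSIONS = {"8.1.4", "8.1.5", "8.1.9"}  # versions flagged in the advisory
# requirements.txt line: name, optional [extras], optional version specifier
_REQ_LINE = re.compile(r"^(?P<name>[A-Za-z0-9][A-Za-z0-9._-]*)(\[[^\]]*\])?\s*(?P<spec>[<>=!~]=?\s*[^;#\s]+)?")

def _normalize(name):
    """PEP 503 name normalisation so Bibit, bibit and BIBIT all match."""
    return re.sub(r"[-_.]+", "-", name).lower()

def scan_requirements(text):
    """Findings for every requirements.txt line that references the package."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not line or line.startswith("-"):
            continue  # blank line or an option such as -r / -e
        m = _REQ_LINE.match(line)
        if not m or _normalize(m.group("name")) != PACKAGE:
            continue
        spec = (m.group("spec") or "").replace(" ", "")
        pinned = spec[2:] if spec.startswith("==") else None
        # flagged is None for unpinned specs: check the resolved version in the lockfile
        findings.append({"line": lineno, "spec": spec,
                         "flagged": pinned in FLAGGED_VERSIONS if pinned else None})
    return findings

def scan_poetry_lock(text):
    """Resolved versions of the package recorded in a poetry.lock file."""
    findings = []
    for block in text.split("[[package]]")[1:]:
        name = re.search(r'^name\s*=\s*"([^"]+)"', block, re.M)
        version = re.search(r'^version\s*=\s*"([^"]+)"', block, re.M)
        if name and version and _normalize(name.group(1)) == PACKAGE:
            findings.append({"version": version.group(1),
                             "flagged": version.group(1) in FLAGGED_VERSIONS})
    return findings

def installed_flagged():
    """True/False for an installed bibit, None if it is not installed at all."""
    try:
        return metadata.version(PACKAGE) in FLAGGED_VERSIONS
    except metadata.PackageNotFoundError:
        return None

# Constructed sample manifests (not real project files)
SAMPLE_REQUIREMENTS = "requests==2.32.3\nbibit==8.1.5  # pinned\nBibit>=8.1\n"
SAMPLE_POETRY_LOCK = '[[package]]\nname = "bibit"\nversion = "8.1.9"\n'
```

A hit with `flagged` set to None means the manifest does not pin a version, so the lockfile or the installed distribution decides whether a flagged build was actually pulled in.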

Frequently asked questions

No. bibit on PyPI has been identified as a malicious package (versions 8.1.4, 8.1.5, 8.1.9 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

RLMA-2024-10980
2024-09-bitbit
RLUA-2026-00144

Credits

  • Kamil Mańkowski (kam193)
  • ReversingLabs · finder
