Which versions of bignum are malicious?

The following PyPI versions of bignum are flagged malicious: 0.1.0, 0.1.1, 0.1.2, 0.1.3. Treat any of these as compromised.

How do I remediate bignum if I installed it?

bignum is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

I already installed bignum — how do I know if it already compromised me?

If bignum was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is bignum part of a known attack campaign?

Yes — bignum is associated with the 2025-12-graphnode campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find bignum across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for bignum (4 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging bignum across your stack and pipelines.

Malicious package

bignumPyPI

Malicious code in bignum (PyPI) Remove it immediately and rotate any exposed credentials.

MAL-2025-192391

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

pip uninstall bignum

What this malware does

In this incarnation, the package is no longer a clone of networkx, but continues to use the same technique to run secretly remote code and cover tracks

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2025-12-graphnode

Reasons (based on the campaign):

obfuscation
Downloads and executes a remote malicious script.
clones-real-package

Malicious versions

4 flagged

0.1.00.1.10.1.20.1.3

Indicators of compromise (SHA-256)

251c8009e3a70f8c3a3a8283dc7f2b603838ec892d7773f0b4886122ff0d97c5

badcc187e382c3a293acf848c5d7ba6410d528d8d8d91c0cf7b22f12296d0428

ecb228e362a057089294ed128892c03e65c4b4715d51f9cd841f784fd48f2eea

656d75a27ce114b2fba3bb091b545d3db7c82fbb734020f62d62b4938f68ca6e

d6f427c826c815fcbaa6b8305075886ec381aa576fdda9dfc18298ada41b976f

Detection & response playbook

Credential / info stealer

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for bignum (4 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging bignum across your stack and pipelines.
If you installed it — respond
bignum is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.
Did it already run?
If bignum was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks bignum before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. bignum on PyPI has been identified as a malicious package (versions 0.1.0, 0.1.1, 0.1.2, 0.1.3 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

2025-12-graphnode

References

Credits

Kamil Mańkowski (kam193) · reporter

Detect & block this

O3 blocks bignum-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.

Malware detection Runtime egress monitoring