Which versions of botbooster are malicious?

The following PyPI versions of botbooster are flagged malicious: 0.0.1, 0.0.2, 0.0.3. Treat any of these as compromised.

How do I remediate botbooster if I installed it?

botbooster is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

I already installed botbooster — how do I know if it already compromised me?

If botbooster was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is botbooster part of a known attack campaign?

Yes — botbooster is associated with the 2026-02-old-botbooster campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find botbooster across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for botbooster (3 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging botbooster across your stack and pipelines.

Malicious package

botboosterPyPI

Malicious code in botbooster (PyPI) Remove it immediately and rotate any exposed credentials.

MAL-2026-1097

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

pip uninstall botbooster

What this malware does

When using the provided function, code exfiltrates the sensitive token from local settings.json to the hardcoded location.

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-02-old-botbooster

Reasons (based on the campaign):

exfiltration-credentials

Malicious versions

3 flagged

0.0.10.0.20.0.3

Indicators of compromise (SHA-256)

0ac97422a8ea78df8c5538d0dbada7aad5720510773f1855cf5e4b5a9cbc56cb

aad6702fb7eebe36b9e7515743305d8633f9a554e1495f586fcdba178f7e1bcb

Detection & response playbook

Credential / info stealer

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for botbooster (3 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging botbooster across your stack and pipelines.
If you installed it — respond
botbooster is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.
Did it already run?
If botbooster was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks botbooster before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. botbooster on PyPI has been identified as a malicious package (versions 0.0.1, 0.0.2, 0.0.3 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

2026-02-old-botbooster

References

bad-packages.kam193.eu

Credits

Kamil Mańkowski (kam193) · analyst

Detect & block this

O3 blocks botbooster-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.

Malware detection Runtime egress monitoring