Which versions of csvvv are malicious?

The following PyPI versions of csvvv are flagged malicious: 1.0, 1.1, 1.2. Treat any of these as compromised.

How do I remediate csvvv if I installed it?

Remove csvvv from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound activity or persistence.

I already installed csvvv — how do I know if it already compromised me?

If csvvv was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is csvvv part of a known attack campaign?

Yes — csvvv is associated with the RLMA-2025-03581, 2025-06-csvvv, RLUA-2026-00239 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find csvvv across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for csvvv (3 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging csvvv across your stack and pipelines.

Malicious package

csvvvPyPI

Malicious code in csvvv (PyPI) Remove it immediately and rotate any exposed credentials.

MAL-2025-6490

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

pip uninstall csvvv

What this malware does

Importing downloads and starts a remote script. At the analysis time, the script did not contain malicious code. Package description states it's a security research

Category: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.

Campaign: 2025-06-csvvv

Reasons (based on the campaign):

Downloads and executes a remote malicious script.

Malicious versions

3 flagged

1.01.11.2

Indicators of compromise (SHA-256)

dbad86f944035edd31160be7ad848bc2556ed7bde32cd7cb24e1e28a14d1f2c7

56c7f1845a9e720017a6c5c25ca33bc7ce170ab4bf7375e2bcbfb77add399e95

e157e7947b2537be3a2e7840eee2fc4fad72a65954af858d89095d73f1755c03

41bab46444bb2b77970211bfc806cf955683b6186789baa947ebc5b841e6d604

365d09407c40f471781c2b17d33f084a257e8ef468120cd63d2b50037be4b020

Detection & response playbook

Malicious package

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for csvvv (3 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging csvvv across your stack and pipelines.
If you installed it — respond
Remove csvvv from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound activity or persistence.
Did it already run?
If csvvv was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks csvvv before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. csvvv on PyPI has been identified as a malicious package (versions 1.0, 1.1, 1.2 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

RLMA-2025-035812025-06-csvvvRLUA-2026-00239

References

bad-packages.kam193.eu

Credits

Kamil Mańkowski (kam193)
ReversingLabs · finder

Detect & block this

O3 blocks csvvv-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the malicious outbound activity and severs the channel.

Malware detection Runtime egress monitoring