Malicious package

databasenaps (PyPI)

Malicious code in databasenaps (PyPI). Remove it immediately and rotate any exposed credentials.

MAL-2026-2502
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
pip uninstall databasenaps

What this malware does

During installation, the package downloads and runs a malicious executable. Likely a continuation of 2026-03-rowrap.

The campaign is built around a malicious Roblox API wrapper. The roboat[.]pro (later robase[.]app) domain advertises a wrapper that is either directly malicious (as roboat, collected in the campaign 2026-03-rowrap) or uses malicious dependencies (like roboat-utils). New versions are published simultaneously with the malicious dependencies and quickly removed. Another advertisement channel is https://github.com/Addi9000/roboat, which references two active contributors: https://github.com/Addi9000 and https://github.com/RoCruise

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-03-roboat-addition

Reasons (based on the campaign):

  • The package overrides the install command in setup.py to execute malicious code during installation.

  • Downloads and executes a remote executable.

  • The malicious code is intentionally included in a dependency of the package.

  • malware

  • clones-real-package

Malicious versions

2 flagged
0.0.4, 0.0.5

Indicators of compromise (SHA-256)


Detection & response playbook

Credential / info stealer
  1. Find it

    Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for databasenaps (2 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging databasenaps across your stack and pipelines.

  2. If you installed it — respond

    databasenaps is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

  3. Did it already run?

    If databasenaps was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

  4. How O3 protects you

    O3 blocks databasenaps before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.
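A minimal form of the lockfile check from step 1, added here as an example; it is not O3 Security's scanner and not code from the advisory. It covers requirements.txt and poetry.lock only, and the function names and sample inputs are constructed for illustration.

```python
import re

# Name and flagged versions as listed in this advisory.
MALICIOUS = {"databasenaps": {"0.0.4", "0.0.5"}}

REQ_LINE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*(?:==\s*([^\s;#\\]+))?")
TOML_NAME = re.compile(r'^name\s*=\s*"([^"]+)"')
TOML_VERSION = re.compile(r'^version\s*=\s*"([^"]+)"')

def normalize(name):
    """PEP 503: runs of '-', '_' and '.' are equivalent, case-insensitively."""
    return re.sub(r"[-_.]+", "-", name).lower()

def is_flagged(name, version):
    """An unpinned entry (version None) can resolve to a flagged release."""
    return version is None or version in MALICIOUS[name]

def scan_requirements(text):
    """Return (line_no, name, version_or_None) for each malicious entry."""
    hits = []
    for no, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith(("#", "-")):  # comments, pip options
            continue
        m = REQ_LINE.match(line)
        if m and normalize(m.group(1)) in MALICIOUS:
            hits.append((no, normalize(m.group(1)), m.group(2)))
    return hits

def scan_poetry_lock(text):
    """Pair each [[package]] name with the version line that follows it."""
    hits, name, name_line = [], None, 0
    for no, line in enumerate(text.splitlines(), 1):
        if line.strip() == "[[package]]":
            name = None
        elif m := TOML_NAME.match(line):
            name, name_line = normalize(m.group(1)), no
        elif (m := TOML_VERSION.match(line)) and name in MALICIOUS:
            hits.append((name_line, name, m.group(1)))
            name = None
    return hits

# Constructed sample inputs, not taken from a real project.
SAMPLE_REQUIREMENTS = "requests==2.31.0\nDataBaseNaps==0.0.5\ndatabasenaps\n-r dev.txt\n"
SAMPLE_POETRY_LOCK = ('[[package]]\nname = "requests"\nversion = "2.31.0"\n\n'
                      '[[package]]\nname = "databasenaps"\nversion = "0.0.4"\n')

if __name__ == "__main__":
    for hit in scan_requirements(SAMPLE_REQUIREMENTS) + scan_poetry_lock(SAMPLE_POETRY_LOCK):
        print(hit, "FLAGGED" if is_flagged(hit[1], hit[2]) else "not a listed version")
```

Names are normalized before comparison, so a spelling such as `DataBaseNaps` in a requirements file still matches.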

Frequently asked questions

No. databasenaps on PyPI has been identified as a malicious package (versions 0.0.4, 0.0.5 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

2026-03-roboat-addition

Credits

  • Kamil Mańkowski (kam193) · analyst

Detect & block this

O3 blocks databasenaps-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.
