Which versions of emoted are malicious?

The following PyPI versions of emoted are flagged malicious: 0.1.0. Treat any of these as compromised.

How do I remediate emoted if I installed it?

emoted is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

I already installed emoted — how do I know if it already compromised me?

If emoted was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is emoted part of a known attack campaign?

Yes — emoted is associated with the RLMA-2025-05209, 2025-10-regixtest, RLUA-2026-00294 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find emoted across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for emoted (version 0.1.0). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging emoted across your stack and pipelines.

Malicious package

emotedPyPI

Malicious code in emoted (PyPI) Remove it immediately and rotate any exposed credentials.

MAL-2025-48890

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

pip uninstall emoted

What this malware does

Obfuscated code contains e.g. capabilities for downloading and executing code from a hardcoded location. It's also recognized as malware

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2025-10-regixtest

Reasons (based on the campaign):

obfuscation
action-hidden-in-lib-usage
Downloads and executes a remote malicious script.
malware

Malicious versions

1 flagged

0.1.0

Indicators of compromise (SHA-256)

50c0661e38bf7756281e18dac7466731b3ab7dda37af05719a8cf2962500ce8b

4f0be160bd8e43897e24f1f52237f48d19c1783a8586a5b0090dd336ecf4691a

1c1542aa2ac34ff34c8c27bcfa0753cb100f1779f8b6acf274ed21c36866b795

03d1a1568763224d371f02ed4dfa7d486de8ec22b5ca0c685c71094960fcfd14

Detection & response playbook

Credential / info stealer

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for emoted (version 0.1.0). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging emoted across your stack and pipelines.
If you installed it — respond
emoted is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.
Did it already run?
If emoted was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks emoted before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. emoted on PyPI has been identified as a malicious package (version 0.1.0 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

RLMA-2025-052092025-10-regixtestRLUA-2026-00294

References

bad-packages.kam193.eu

Credits

Kamil Mańkowski (kam193)
ReversingLabs · finder

Detect & block this

O3 blocks emoted-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.

Malware detection Runtime egress monitoring