Which versions of getpublicip are malicious?

The following PyPI versions of getpublicip are flagged malicious: 1.0.1. Treat any of these as compromised.

How do I remediate getpublicip if I installed it?

getpublicip is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

I already installed getpublicip — how do I know if it already compromised me?

If getpublicip was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is getpublicip part of a known attack campaign?

Yes — getpublicip is associated with the 2025-01-markitanalysis campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find getpublicip across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for getpublicip (version 1.0.1). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging getpublicip across your stack and pipelines.

Malicious package

getpublicipPyPI

Malicious code in getpublicip (PyPI) Remove it immediately and rotate any exposed credentials.

MAL-2025-191738

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

pip uninstall getpublicip

What this malware does

If installed using source package, the package collects selected environment variables, including GITHUB_TOKEN if set, and sends to an external service. The package doesn't hide its actions at all, but there are already multiple different packages with the same code.

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2025-01-markitanalysis

Reasons (based on the campaign):

The package overrides the install command in setup.py to execute malicious code during installation.
exfiltration-env-variables

Malicious versions

1 flagged

1.0.1

Indicators of compromise (SHA-256)

f56c896975dfa2769430b4217399151d147441d726f3fdb50ee2002928c4b1e7

041ba7130d1460fe6480d062c61c78db3b88cc5c6d060913d0501fdbdc7c35b0

d000d4ab026e0f4e28815b274d16385177ebf1131d0a55acaddd790387a6ecf3

Detection & response playbook

Credential / info stealer

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for getpublicip (version 1.0.1). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging getpublicip across your stack and pipelines.
If you installed it — respond
getpublicip is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.
Did it already run?
If getpublicip was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks getpublicip before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. getpublicip on PyPI has been identified as a malicious package (version 1.0.1 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

2025-01-markitanalysis

References

bad-packages.kam193.eu

Credits

Kamil Mańkowski (kam193)

Detect & block this

O3 blocks getpublicip-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.

Malware detection Runtime egress monitoring