Malicious package

gmacpyutil (PyPI)

Malicious code in gmacpyutil (PyPI). Remove it immediately and rotate any exposed credentials.

MAL-2025-929
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
pip uninstall gmacpyutil

What this malware does

Generic campaign covering packages that are (likely) research or pentest artefacts, where the amount or kind of data collected raises privacy, security and ethical questions.

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: GENERIC-questionable-pentest

Reasons (based on the campaign):

  • exfiltration-env-variables

  • exfiltration-generic

  • The package overrides the install command in setup.py to execute malicious code during installation.

  • typosquatting

Malicious versions

1 flagged: 9999.0.0

Indicators of compromise (SHA-256)

ec1b19c7c1d99be2b6a6d3d82bb035bb478134434ce8eb75a8e838a7c1a04067
dfdf01e51113472247c2fdf78cf5d4e7641ca9551a8c7b080379e93bd5948946
7522b589abf570f1591bcd3eb29e4a900791d28901d30c5b57f151e899f94839
70dc86e372758b0230d5ad4dbc2def38e96ecd7b952799ea1ec5d1d31d585fc2
9b711d6ff3d3dec34d1937496528c62b23cdf06ca260fbb5cfa569ec613126b3

Detection & response playbook

Credential / info stealer
  1. Find it

    Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for gmacpyutil (version 9999.0.0). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging gmacpyutil across your stack and pipelines.

  2. If you installed it — respond

    gmacpyutil is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

  3. Did it already run?

    If gmacpyutil was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

  4. How O3 protects you

    O3 blocks gmacpyutil before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.
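The "Find it" step above can be automated without any vendor tooling. The following script is an added example, not code from the advisory or from O3 Security: it scans requirements.txt-style pins and poetry.lock stanzas for gmacpyutil (with PEP 503 name normalisation so case and separator variants are caught), treats version 9999.0.0 as the flagged version, checks any `--hash=sha256:` pins and downloaded artifact bytes against the five SHA-256 indicators listed on the page, and reports each hit. The sample manifests embedded at the bottom are constructed for the demonstration.

```python
"""Added example (not O3 Security's code): locate gmacpyutil in dependency
manifests and match pinned hashes / downloaded artifacts against the
advisory's SHA-256 IoCs (MAL-2025-929)."""
import hashlib
import re
from dataclasses import dataclass
from typing import List, Optional

MALICIOUS_PACKAGE = "gmacpyutil"      # package named in the advisory
MALICIOUS_VERSIONS = {"9999.0.0"}      # version flagged in the advisory
IOC_SHA256 = {                         # SHA-256 indicators listed on the page
    "ec1b19c7c1d99be2b6a6d3d82bb035bb478134434ce8eb75a8e838a7c1a04067",
    "dfdf01e51113472247c2fdf78cf5d4e7641ca9551a8c7b080379e93bd5948946",
    "7522b589abf570f1591bcd3eb29e4a900791d28901d30c5b57f151e899f94839",
    "70dc86e372758b0230d5ad4dbc2def38e96ecd7b952799ea1ec5d1d31d585fc2",
    "9b711d6ff3d3dec34d1937496528c62b23cdf06ca260fbb5cfa569ec613126b3",
}

# "name==version" pins (extras and trailing pip options allowed on the line)
REQ_LINE = re.compile(
    r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*==\s*([0-9A-Za-z.!+*-]+)"
)
HASH_OPT = re.compile(r"--hash=sha256:([0-9a-fA-F]{64})")
# name/version pair at the top of each [[package]] stanza in poetry.lock
POETRY_PKG = re.compile(
    r'^\[\[package\]\]\s*\nname\s*=\s*"([^"]+)"\s*\nversion\s*=\s*"([^"]+)"', re.M
)


def normalize(name: str) -> str:
    """PEP 503 normalisation: GMacPyUtil, gmac_py.util and gmacpyutil compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


@dataclass(frozen=True)
class Finding:
    source: str            # manifest type the hit came from
    version: str           # version pinned in the manifest
    flagged_version: bool  # True if the version is one the advisory flags
    ioc_hash: bool         # True if a --hash pin on the line matches an IoC


def scan_requirements(text: str) -> List[Finding]:
    """Flag every pin of the malicious package in requirements.txt / pip freeze text."""
    findings = []
    for line in text.splitlines():
        m = REQ_LINE.match(line)
        if not m or normalize(m.group(1)) != MALICIOUS_PACKAGE:
            continue
        version = m.group(2)
        pinned_hashes = {h.lower() for h in HASH_OPT.findall(line)}
        findings.append(Finding("requirements", version,
                                version in MALICIOUS_VERSIONS,
                                bool(pinned_hashes & IOC_SHA256)))
    return findings


def scan_poetry_lock(text: str) -> List[Finding]:
    """Flag every [[package]] stanza naming the malicious package in poetry.lock text."""
    return [Finding("poetry.lock", v, v in MALICIOUS_VERSIONS, False)
            for n, v in POETRY_PKG.findall(text) if normalize(n) == MALICIOUS_PACKAGE]


def artifact_ioc_match(data: bytes) -> Optional[str]:
    """Return the matching IoC if a downloaded sdist/wheel's SHA-256 is on the list."""
    digest = hashlib.sha256(data).hexdigest()
    return digest if digest in IOC_SHA256 else None


# Constructed sample manifests (not real project files) used for the demonstration.
SAMPLE_REQUIREMENTS = """\
requests==2.31.0
GMacPyUtil == 9999.0.0 --hash=sha256:ec1b19c7c1d99be2b6a6d3d82bb035bb478134434ce8eb75a8e838a7c1a04067
numpy>=1.26
"""
SAMPLE_POETRY_LOCK = """\
[[package]]
name = "gmacpyutil"
version = "9999.0.0"
description = ""

[[package]]
name = "requests"
version = "2.31.0"
"""

if __name__ == "__main__":
    for f in scan_requirements(SAMPLE_REQUIREMENTS) + scan_poetry_lock(SAMPLE_POETRY_LOCK):
        print(f"{f.source}: gmacpyutil {f.version} "
              f"(flagged version: {f.flagged_version}, IoC hash pinned: {f.ioc_hash})")
    print("clean bytes match IoC:", artifact_ioc_match(b"constructed clean artifact"))
```

In a real sweep, feed the functions the contents of every requirements*.txt and poetry.lock in the repository, and hash the files in the pip download cache or CI artifact store with `artifact_ioc_match`; a hit on any of the three signals (name, flagged version, IoC hash) is enough to move to the "respond" step.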

Frequently asked questions

No. gmacpyutil on PyPI has been identified as a malicious package (version 9999.0.0 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

  • RLMA-2025-00468
  • GENERIC-questionable-pentest
  • RLUA-2026-00356

Credits

  • Kamil Mańkowski (kam193)
  • ReversingLabs · finder

Detect & block this

O3 blocks gmacpyutil-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.

gmacpyutil (PyPI) malicious package — MAL-2025-929 | O3 Security