Which versions of memorylib are malicious?

The following PyPI versions of memorylib are flagged malicious: 2.0.0. Treat any of these as compromised.

How do I remediate memorylib if I installed it?

memorylib is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

I already installed memorylib — how do I know if it already compromised me?

If memorylib was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is memorylib part of a known attack campaign?

Yes — memorylib is associated with the RLMA-2025-03645, 2025-07-memlib, RLUA-2026-00512 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find memorylib across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for memorylib (version 2.0.0). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging memorylib across your stack and pipelines.

Malicious package

memorylibPyPI

Malicious code in memorylib (PyPI) Remove it immediately and rotate any exposed credentials.

MAL-2025-6548

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

pip uninstall memorylib

What this malware does

Installing the package triggers a code that looks like downloading a picture, but in fact downloads and starts an executable with malware. Note that file supplied from the URL differs depending on the presence of the special header

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2025-07-memlib

Reasons (based on the campaign):

The package overrides the install command in setup.py to execute malicious code during installation.
Downloads and executes a remote executable.
malware

Malicious versions

1 flagged

2.0.0

Indicators of compromise (SHA-256)

643a8f4649e49bb859b093dac6483e2aa54f19785caba56af33d2c47abaa1f31

0a46cbc08217ed3919e3cbaea07fa12b4f90741f8aa03f6ba45d751dd032d30d

be3ea3afb3553f67411c8bebff9d99282169997e212b5ee1dd14505d1612d551

3b4d3c5bf0a8ed32d5e14abefc02e69ff02f201f27a5090536c521a7517fa751

6eeadcc4a4c3a1edfc874d73ce1fd4339ccc6fca3b81a0b131253d67e38e510c

Detection & response playbook

Credential / info stealer

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for memorylib (version 2.0.0). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging memorylib across your stack and pipelines.
If you installed it — respond
memorylib is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.
Did it already run?
If memorylib was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks memorylib before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. memorylib on PyPI has been identified as a malicious package (version 2.0.0 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

RLMA-2025-036452025-07-memlibRLUA-2026-00512

References

Credits

Kamil Mańkowski (kam193)
ReversingLabs · finder

Detect & block this

O3 blocks memorylib-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.

Malware detection Runtime egress monitoring