What does the pyrtp malware do?

Importing the module starts an infostealer Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-mescouilles Reasons (based on the campaign): - infostealer - infostealer:kiwi - infostealer:cstealer - exfiltration-generic - exfiltration-browser-data - exfiltration-credentials - files-exfiltration - The package contains code to detect if it is running in a sandbox environment.

Which versions of pyrtp are malicious?

The following PyPI versions of pyrtp are flagged malicious: 1.6.3. Treat any of these as compromised.

How do I remediate pyrtp if I installed it?

pyrtp is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

I already installed pyrtp — how do I know if it already compromised me?

If pyrtp was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is pyrtp part of a known attack campaign?

Yes — pyrtp is associated with the 2025-11-mescouilles, RLMA-2025-06583, RLUA-2026-00644 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find pyrtp across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for pyrtp (version 1.6.3). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging pyrtp across your stack and pipelines.

Malicious package

pyrtpPyPI

Malicious code in pyrtp (PyPI) Remove it immediately and rotate any exposed credentials.

MAL-2025-191837

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

pip uninstall pyrtp

What this malware does

Importing the module starts an infostealer

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2025-11-mescouilles

Reasons (based on the campaign):

infostealer
infostealer:kiwi
infostealer:cstealer
exfiltration-generic
exfiltration-browser-data
exfiltration-credentials
files-exfiltration
The package contains code to detect if it is running in a sandbox environment.

Malicious versions

1 flagged

1.6.3

Indicators of compromise (SHA-256)

aa0c802d07e0be7449ee0dccb13e77216fe119a24b1f1addae74898cc12ff943

f77b4d5bf456d6805b724bbedc6baa9f7fb3cc95e6ab6aace6861bfcd56aec1f

fe83bd74c533c8dddfc3bf5fc817f5d46d9a0fafbb4b6b1c29fd79b08bff9ffe

6b5b0bdbdeb18681d84c156a2dd060ba28fa8b05b8adb1365715a2acccff2be6

1685c18348de405fffa3d85618f7ec2c12164097a1a5cfa266f66675597f895f

Detection & response playbook

Credential / info stealer

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for pyrtp (version 1.6.3). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging pyrtp across your stack and pipelines.
If you installed it — respond
pyrtp is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.
Did it already run?
If pyrtp was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks pyrtp before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. pyrtp on PyPI has been identified as a malicious package (version 1.6.3 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

2025-11-mescouillesRLMA-2025-06583RLUA-2026-00644

References

bad-packages.kam193.eu

Credits

Kamil Mańkowski (kam193)
ReversingLabs · finder

Detect & block this

O3 blocks pyrtp-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.

Malware detection Runtime egress monitoring