Which versions of reques are malicious?

The following PyPI versions of reques are flagged malicious: 2.28.1. Treat any of these as compromised.

How do I remediate reques if I installed it?

reques is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

I already installed reques — how do I know if it already compromised me?

If reques was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is reques part of a known attack campaign?

Yes — reques is associated with the RLMA-2025-01233, 2025-01-rqsts, RLUA-2026-00701 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find reques across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for reques (version 2.28.1). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging reques across your stack and pipelines.

Malicious package

requesPyPI

Malicious code in reques (PyPI) Remove it immediately and rotate any exposed credentials.

MAL-2025-1990

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

pip uninstall reques

What this malware does

Clone of the requests package that modified the code to send all get and post requests to a hardcoded URL

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2025-01-rqsts

Reasons (based on the campaign):

clones-real-package
dependency-confusion
action-hidden-in-lib-usage

Malicious versions

1 flagged

2.28.1

Indicators of compromise (SHA-256)

461c1cabe5473baebc60d01c24a90d36a9cdce34d7bdedbf2c196fe390ad641c

69fc18480a77f17458806ca2789c1dac4bd2a917b35d856946444f9e95485679

7f1c117835fcc30eb4ff0ff5c9426d10011537b644ddea270fcdaba17ed7050e

09d3c0352a1fb4c7c4a6b01046a94ed81f170bc45a5a5b1799301e82c1d8d295

ee8d598e2ac511324fd47166cd7a337a623b3c767bb02c74d1dc711a60dc9223

Detection & response playbook

Credential / info stealer

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for reques (version 2.28.1). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging reques across your stack and pipelines.
If you installed it — respond
reques is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.
Did it already run?
If reques was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks reques before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. reques on PyPI has been identified as a malicious package (version 2.28.1 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

RLMA-2025-012332025-01-rqstsRLUA-2026-00701

References

bad-packages.kam193.eu

Credits

Kamil Mańkowski (kam193)
ReversingLabs · finder

Detect & block this

O3 blocks reques-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.

Malware detection Runtime egress monitoring