Which versions of w3socket are malicious?

The following PyPI versions of w3socket are flagged malicious: 0.1.0, 0.1.1. Treat any of these as compromised.

How do I remediate w3socket if I installed it?

w3socket is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

I already installed w3socket — how do I know if it already compromised me?

If w3socket was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is w3socket part of a known attack campaign?

Yes — w3socket is associated with the RLMA-2025-02013, 2025-02-web3socket, RLUA-2026-00899, RLUA-2026-02084 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find w3socket across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for w3socket (2 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging w3socket across your stack and pipelines.

Malicious package

w3socketPyPI

Malicious code in w3socket (PyPI) Remove it immediately and rotate any exposed credentials.

MAL-2025-3014

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

pip uninstall w3socket

What this malware does

web3socket: In the class there is a hidden code that loads a binary Python code from a remote location impersonating PyPI Github account web3node: The package is used to download and run remote code by other packages. Files darwin.py, gnu.py and win32.py contain code that adds executing remote code to the crontab as well as an attempt to escalate privileges. w3socket: It uses web3node to start remote code in config.py

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2025-02-web3socket

Reasons (based on the campaign):

dependency-confusion
impersonation
Downloads and executes a remote malicious script.

Malicious versions

2 flagged

0.1.00.1.1

Indicators of compromise (SHA-256)

02827c7665179ae3b0de814e4e26d33e46361e6c3d470277311e814d1545be07

c037b4c528e4a66879f4f1963660065ea4ca715f4b52d60ee31f7e067b496cf5

729a8001d69369db2b822c1a13ba9363d3dad46299a6ced4e52ab604c3261ec4

f9af39000e0310c4e2fef4a66b3a6ccfafbf4b77dea51d89c4f32e5912765bd7

af6dee850f897ae64bbc69c9dc82cabac294df3bf1129d29f03d3c469f294f09

5ae2803160f6827421d04091073d859e280fdae6c23aa7302de1c0e9bd39e8ef

Detection & response playbook

Credential / info stealer

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for w3socket (2 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging w3socket across your stack and pipelines.
If you installed it — respond
w3socket is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.
Did it already run?
If w3socket was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks w3socket before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. w3socket on PyPI has been identified as a malicious package (versions 0.1.0, 0.1.1 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

RLMA-2025-020132025-02-web3socketRLUA-2026-00899RLUA-2026-02084

References

Credits

Kamil Mańkowski (kam193)
ReversingLabs · finder

Detect & block this

O3 blocks w3socket-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.

Malware detection Runtime egress monitoring