Which versions of wdwq are malicious?

The following PyPI versions of wdwq are flagged malicious: 1.4.3. Treat any of these as compromised.

How do I remediate wdwq if I installed it?

wdwq is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

I already installed wdwq — how do I know if it already compromised me?

If wdwq was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is wdwq part of a known attack campaign?

Yes — wdwq is associated with the RLMA-2025-00546, 2025-01-wdwq, RLUA-2026-00914 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find wdwq across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for wdwq (version 1.4.3). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging wdwq across your stack and pipelines.

Malicious package

wdwqPyPI

Malicious code in wdwq (PyPI) Remove it immediately and rotate any exposed credentials.

MAL-2025-1005

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

pip uninstall wdwq

What this malware does

Starting the module starts a Telegram bot client capable of exfiltrating files when requested

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2025-01-wdwq

Reasons (based on the campaign):

files-exfiltration

Malicious versions

1 flagged

1.4.3

Indicators of compromise (SHA-256)

24e7ebe11f001c5ee60ac46d8388036715dd0b968c78cfc13a3a345723d61b8e

da3e4ebaf7cbaf27ccc80e38e49e9e9ced046743132be201bc2e825f1d17185e

aefeaeba3d2b87141b1e79dbe4e4294e949aaaf9c07f87182bd20234d611bc66

80d185338e6f2e9405c197354c7b880d4c9e9653f1a5ca7ae8513bf2d65c0e2b

7a22db3a80cf2a4f94f4bcd1d72f0d406d5ec9e044758bc66bd79f3303acf282

Detection & response playbook

Credential / info stealer

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for wdwq (version 1.4.3). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging wdwq across your stack and pipelines.
If you installed it — respond
wdwq is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.
Did it already run?
If wdwq was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks wdwq before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. wdwq on PyPI has been identified as a malicious package (version 1.4.3 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

RLMA-2025-005462025-01-wdwqRLUA-2026-00914

References

bad-packages.kam193.eu

Credits

Kamil Mańkowski (kam193)
ReversingLabs · finder

Detect & block this

O3 blocks wdwq-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.

Malware detection Runtime egress monitoring