Spectra Assure
Community
Docs
failIncident: Malware
Scanned: 3 days ago

yelp-pkg

Artifact:
latest
removed
malicious
Research
Authorized Security Testing Package
License: Permissive (MIT)
Published: 15 days ago
See on PyPI

SAFE Assessment

Compliance

Licenses
No license compliance issues
Secrets
No sensitive information found

Security

Vulnerabilities
No known vulnerabilities detected
Hardening
No application hardening issues

Threats

Tampering
3 malware-like behaviors found
Malware
3 analyst-vetted malware found

INCIDENTS:

removal
15 days agoReported By: Community
malware
14 days agoReported By: ReversingLabs (Researcher)
Learn more about malware detection
List of software behaviors discovered with static code analysis.
Info
Count
Category

Prevalence in PyPI community

Behavior exclusively used by malicious software (Malicious)
Behavior uncommon for this community (Uncommon)
0 packages
found in
Top 100
0 packages
found in
Top 1k
0 packages
found in
Top 10k
78 packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
68 packages
found in
Top 100
508 packages
found in
Top 1k
3570 packages
found in
Top 10k
165477 packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
2 packages
found in
Top 100
14 packages
found in
Top 1k
96 packages
found in
Top 10k
2834 packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
43 packages
found in
Top 100
264 packages
found in
Top 1k
1666 packages
found in
Top 10k
47165 packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
24 packages
found in
Top 100
163 packages
found in
Top 1k
1243 packages
found in
Top 10k
72644 packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
32 packages
found in
Top 100
280 packages
found in
Top 1k
2165 packages
found in
Top 10k
147011 packages
in community

Prevalence in PyPI community

Behavior commonly used by malicious software (Important)
Behavior uncommon for this community (Uncommon)
0 packages
found in
Top 100
3 packages
found in
Top 1k
3 packages
found in
Top 10k
639 packages
in community

Prevalence in PyPI community

No behavior prevalence information at this time

Prevalence in PyPI community

Behavior often found in this community (Common)
74 packages
found in
Top 100
606 packages
found in
Top 1k
4422 packages
found in
Top 10k
171320 packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
63 packages
found in
Top 100
578 packages
found in
Top 1k
4140 packages
found in
Top 10k
224170 packages
in community

Did you know...

... that you can use ReversingLabs’ Spectra Assure platform to perform regular risk assessments of packages you develop in-house?

We recommend continuous software safeness monitoring through CI/CD integrations and pre-release/deployment checks. In addition to basic package information found on this page our platform offers rich reports for developers and DevSecOps that help them remediate all reported issues.