Spectra Assure
Community
Docs
failIncident: Malware
Scanned: 3 days ago

zebo

Artifact:
latest
malicious
Research
A sample package with a post-install script.
License: unknown
Published: about 1 year ago
See on PyPI

SAFE Assessment

Compliance

Licenses
No license compliance issues
Secrets
No sensitive information found

Security

Vulnerabilities
No known vulnerabilities detected
Hardening
No application hardening issues

Threats

Tampering
2 suspicious application behaviors
Malware
4 supply chain attack artifacts

INCIDENTS FOR THIS VERSION:

malware
about 1 year agoReported By: ReversingLabs (Researcher)
Learn more about malware detection
malware
12 months agoReported By: Community (Snyk)
More info
malware
12 months agoReported By: Community (Fortinet)
More info
List of software behaviors discovered with static code analysis.
Info
Count
Category

Prevalence in PyPI community

Behavior often found in this community (Common)
68 packages
found in
Top 100
508 packages
found in
Top 1k
3570 packages
found in
Top 10k
165477 packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
34 packages
found in
Top 100
145 packages
found in
Top 1k
550 packages
found in
Top 10k
10949 packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
67 packages
found in
Top 100
520 packages
found in
Top 1k
3993 packages
found in
Top 10k
158349 packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
24 packages
found in
Top 100
89 packages
found in
Top 1k
405 packages
found in
Top 10k
9319 packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
70 packages
found in
Top 100
534 packages
found in
Top 1k
3771 packages
found in
Top 10k
146071 packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
49 packages
found in
Top 100
364 packages
found in
Top 1k
2374 packages
found in
Top 10k
87567 packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
9 packages
found in
Top 100
64 packages
found in
Top 1k
344 packages
found in
Top 10k
12195 packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
24 packages
found in
Top 100
163 packages
found in
Top 1k
1243 packages
found in
Top 10k
72644 packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
32 packages
found in
Top 100
280 packages
found in
Top 1k
2165 packages
found in
Top 10k
147011 packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
23 packages
found in
Top 100
124 packages
found in
Top 1k
1144 packages
found in
Top 10k
47120 packages
in community

Did you know...

... that you can use ReversingLabs’ Spectra Assure platform to perform regular risk assessments of packages you develop in-house?

We recommend continuous software safeness monitoring through CI/CD integrations and pre-release/deployment checks. In addition to basic package information found on this page our platform offers rich reports for developers and DevSecOps that help them remediate all reported issues.