spellcheckers
MAL-2025-191533
PyPItyposquat11/15/2025
Description
Malicious code in spellcheckers (PyPI)
Indicators of Compromise
SHA256 Hashes (8)
c83520810b148ec74e509b16851a1fafa1bec576b502a5debabd9b52520d9754
be6181a6e093f3690fb5ea437000e85951c02043f8e9c04d51129adf65e1ba47
6585d4c29dd97a1e46f30047c7d67a6e4bbb19f9b41bc1f9ff0b5fc34b839c75
f1480b0a527a5822a51a4c61b868fd8f3adbcf1d117e98fb5c3cd776a1a8dd0d
079f275754257ece01048207316e48f31bf7b67b5374a442eaf430c29c0e324e
c08a71d4505792aedda6306cf827fe3bae40ffc887922bd1869dc08c27bd18ff
38fcddbdb282b32cfe5f0ec1a7d026f8247e88fc164d34ecdda8d53294ec37f2
94d56ad51850af2cd423312c4fd3ff9b1bacf1a84684cde7998740e91aa80dd3
Domains (1)
dothebest.store
References (5)
https://helixguard.ai/blog/malicious-spellcheckers-2025-11-19OSVhttps://securityonline.info/pypi-typosquat-delivers-multi-layer-python-rat-bypassing-scanners-with-xor-encryption/OSVhttps://helixguard.ai/blog/malicious-spellcheckers-2025-11-19OSVhttps://bad-packages.kam193.eu/pypi/package/spellcheckersOSVhttps://www.aikido.dev/blog/malicious-pypi-packages-spellcheckpy-and-spellcheckerpy-deliver-python-ratOSV
Details
EcosystemPyPI
Attack Typetyposquat
Published11/15/2025
Quick Actions