hellodista

MAL-2025-5653

PyPImalware7/4/2025
Description

Malicious code in hellodista (PyPI)

Indicators of Compromise
SHA256 Hashes (5)
3311ae2d4539920be4c0baaaa8587368a7c562bf75e9ec8a8b27fa42898f906f
cfaa0efa2c66eddd3954987b56498787b31acaaae397e9476f7295c649319d75
961a1dc182f3246147be4cd32a42789f1cfffb8cccb19dd7d66b6ae1e09ce58e
988e08e45c0c2fdbdf337e012d3930d14eedbe4add858a55cee2156849033b90
ea9a22b2cdd8bb2163a057349eecad0dace8d2f5e6b2df2c33a60e5f220ab2c6
Domains (3)
chrome-data-receiver.up.railway.appchrome-extract.up.railway.appvell-production.up.railway.app
References (1)
https://bad-packages.kam193.eu/pypi/package/hellodistaOSV
Details
EcosystemPyPI
Attack Typemalware
Published7/4/2025
Quick Actions
All IncidentsPyPI Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001