roboat-additions

MAL-2026-2280

PyPImalware3/28/2026
Description

Malicious code in roboat-additions (PyPI)

Indicators of Compromise
SHA256 Hashes (10)
6e8249fcecd9e50d0a15f76664e1217784ee8a5d1412a159cc076eff2cf57a78
8821279183dbb447693e0a2a66d9b262fc34d063cd0b75158160a70131bce036
558a2961bad2da46037dab165a9187c76126fafc69b51c91b8b73a3f0a16b5a2
06d6a3471197c97a19d59f4e5e987000e3fed447ce9449325a8be19b86a1f889
650645603340ae7ece2cdd474c4358c430b96d4c3512c9b62af264b5b709200f
70dd8f359a78dc1edd3a6f49bb17667a5614f46df7a7b0846704263f31e5990d
f0e7a8003b676a321abb4c3f158c0ead59fa2193e25285808f30504b340345a3
14a9ba638c728ba5ff58cc8220da65cb36ecf1dc507272f6a601c6b8e81cc9ab
1af64a27f6bd87cbd380cb838d6c8c06696f9497c246fe348d5af1bbc17f6122
320933c38d22ef6e76ca4866c11b33cbf245976661410c5ecef5dfc47e0b5fd8
Domains (1)
jolly-violet-def9.staraledreamer.workers.dev
References (9)
https://www.virustotal.com/gui/file/9f14d239ab8f1289bc7aedeb67d3d72b467ee6c11b201890ab14c5c4f7c175d2/detectionOSVhttps://bad-packages.kam193.eu/pypi/package/roboat-additionsOSVhttps://www.virustotal.com/gui/file/48b108261d5de97a42eff81cf1a60a32286f72bf8b5f130959e0daa86b783608OSVhttps://www.virustotal.com/gui/file/ef20289b52ab23ec23c5ff885a2293523ce8456fb00e3d67f1b084c28f7d282a/detectionOSVhttps://github.com/Addi9000/roboat/blob/331166c8ea3bd080f08fe6d571202e3b47017ed7/README.md#L31OSVhttps://github.com/Addi9000/roboat/commit/331166c8ea3bd080f08fe6d571202e3b47017ed7OSVhttps://github.com/Addi9000OSVhttps://github.com/RoCruiseOSVhttps://www.roboat.pro/OSV
Details
EcosystemPyPI
Attack Typemalware
Published3/28/2026
Quick Actions
All IncidentsPyPI Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001