🎩 You're Invited:Meet the Socket team at Black Hat in Las Vegas, August 3-6.RSVP
Sign In

defi-tools

Package Overview
Dependencies
Maintainers
1
Versions
1
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install
This package has been flagged as malicious. It is considered unsafe regardless of version.

The fragment implements a high-confidence dropper/persistence routine: it conditionally decodes an embedded payload, writes it as an executable into a hidden directory under the user’s HOME, installs a cron job to execute it every 12 hours, and performs stealthy cleanup (marker creation, __pycache__ removal) plus targeted removal of other package metadata artifacts containing 'defi_tools'. Although the embedded base64 payload content is not recoverable from the provided snippet, the installer logic and persistence/sabotage behaviors strongly indicate malicious intent. This module should be treated as unsafe without independent verification of the exact payload bytes and what is executed via cron.

defi-tools

DeFi protocol interaction tools — swap, stake, pool analysis helpers

pipPyPI
Version
0.8.0
Weekly downloads
0
Maintainers
1
Weekly downloads
 

DeFi protocol interaction tools — swap, stake, pool analysis helpers

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts