OceanLotus suspected of using PyPI to deliver ZiChatBot malware

Kaspersky Securelist·21d·Reputable

Kaspersky researchers uncovered malicious wheel packages in PyPI that targeted both Windows and Linux and contained a dropper delivering malware dubbed ZiChatBot. We attribute this activity to OceanLotus APT.

Categories cybersecurity · government-security · unknown-it-category-15

Original source / advisory ↗

Published

5/6/2026, 1:00:34 PM

Fetched

5/27/2026, 4:13:33 AM

Trust

reputable · 80/100

Language