CYBERSECURITY researchers have flagged two malicious PyPI packages, spellcheckerpy and spellcheckpy, which masquerade as spellcheckers but carry a remote access Trojan. The packages were collectively downloaded a little over 1,000 times before being removed, with spellcheckpy version 1.2.0 released on 21 January 2026 triggering the malicious execution.
Hidden inside the Basque language dictionary file was a base64 payload that downloads a full-featured Python RAT, and unlike typical payloads it is stored in a file named resources/eu.json[.]gz containing Basque word frequencies. The downloader payload is triggered when the archive is extracted via test_file("eu", "utf-8", "spellchecker"), and this stage retrieves a Python-based RAT from an external domain updatenet[.]work, whose associated IP is 172.86.73[.]139 and is managed by RouterHosting LLC (aka Cloudzy).
The campaign uses three dormant versions before activating the malicious payload, and researchers say the same threat actor may be behind a prior November 2025 incident involving a package named spellcheckers on PyPI.