Supply-chain threat intelligence
Risk score
92
Indexed incident for cosmos-cuda (pypi).
The sdist-only package cosmos-cuda 9999.0.0 executes a beacon function _beacon('build') from setup.py during sdist build/install and _beacon('import') from cosmos_cuda/init.py at import. Both code paths collect the installer's hostname, current username, and current working directory, then transmit them to the hardcoded external host oob.asyncrun.in via a DNS lookup of a crafted FQDN (socket.getaddrinfo) and via an HTTPS/HTTP GET request (urllib.request.urlopen). The package ships only as an sdist and uses version 9999.0.0 so that pip's highest-version resolution selects it when a name collision exists against an internal package resolved through --extra-index-url, forcing setup.py execution during install and producing arbitrary code execution and exfiltration on installers whose environment resolves the name.
Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose.
Category: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.
Campaign: GENERIC-standard-pypi-install-pentest
Reasons (based on the campaign):
The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.
The package overrides the install command in setup.py to execute malicious code during installation.
Affected versions
Indicators
Timeline