The package contains additional code to append a hardcoded SSH key to the user's authorized_keys file, creating a backoor, along with exfiltrating user private keys to an attack-controlled server.