MAL-2026-10576

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/tennacity/MAL-2026-10576.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-10576
Published
2026-07-14T10:08:54Z
Modified
2026-07-15T18:19:27.326594226Z
Summary
Malicious code in tennacity (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (c7933cd1ec11531feba788870555eeac615535d8e230b4d252880def9c68ff5e)

tennacity is a one-character typosquat of the popular 'tenacity' library; its README/PKG-INFO are copied verbatim from real tenacity while setup.py lists placeholder author metadata ('Your Name', your.email@example.com) and a 'prints Hello World on import' description. On import, tennacity/init.py branches on OS and CPU architecture to download platform-specific binaries from https://easyswapnow.pro/downloads/lixamd.bin, lixarm.bin, macamd.bin, macarm.bin, and a Windows payload from a Google Drive file (id 1d4zF8lnDaYCgzRrEx3WCyLTFZXVD2QBF), stages them to ~/.local/share/config, /Users/Shared/.local/config, and %TEMP%/t.jse, sets the executable bit, and invokes them via subprocess.run. It then installs login-time persistence: a systemd --user unit at ~/.config/systemd/user/python-script.service (enabled via 'systemctl --user enable --now') on Linux and a LaunchAgent at ~/Library/LaunchAgents/com.user.script.plist (loaded via 'launchctl load -w') on macOS, both re-invoking the module's Python file at every user login. The fetched binaries are unpinned, unverified, and hosted on a non-publisher domain unrelated to the package's stated Hello-World purpose.

Source: kam193 (d1f457b8b07c4cda5c20b76c195faa127906578c1977fb00469c44a7a114f810)

The typosquatted package installs a Mythic/Poseidon C2 framework beacon and ensures persistence. After installation, the beacon communicates with C2 on wegoexchange[.]site for further commands.


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-07-tennacity

Reasons (based on the campaign):

  • malware

  • Downloads and executes a remote executable.

  • The package contains code to detect if it is running in a sandbox environment.

  • typosquatting

  • persistence

Database specific
{
    "iocs": {
        "domains": [
            "wegoexchange.site",
            "easyswapnow.pro"
        ],
        "urls": [
            "https://easyswapnow.pro/downloads/lix_amd.bin",
            "https://easyswapnow.pro/downloads/lix_arm.bin",
            "https://easyswapnow.pro/downloads/mac_amd.bin",
            "https://easyswapnow.pro/downloads/mac_arm.bin",
            "https://drive.google.com/uc?export=download&id=1d4zF8lnDaYCgzRrEx3WCyLTFZXVD2QBF&confirm=t",
            "http://wegoexchange.site/data"
        ]
    },
    "malicious-packages-origins": [
        {
            "source": "kam193",
            "versions": [
                "1.0.0",
                "1.2.0",
                "1.2.2"
            ],
            "sha256": "d1f457b8b07c4cda5c20b76c195faa127906578c1977fb00469c44a7a114f810",
            "id": "pypi/2026-07-tennacity/tennacity",
            "modified_time": "2026-07-14T10:08:54.466025Z",
            "import_time": "2026-07-14T10:35:53.662535686Z"
        },
        {
            "sha256": "c61b9ced61c9f37b074b401bd8af2703a54e8bbdf54b27912c2f0079b4250986",
            "versions": [
                "1.2.0"
            ],
            "source": "amazon-inspector",
            "id": "IN-MAL-2026-010500",
            "modified_time": "2026-07-14T12:48:59Z",
            "import_time": "2026-07-14T13:35:49.275013681Z"
        },
        {
            "sha256": "c70bb79fdd421b53349d6a7f4a25c85fb73b4c3ef6909fc3ef4cf1585d0a8232",
            "versions": [
                "1.2.2"
            ],
            "id": "IN-MAL-2026-010498",
            "source": "amazon-inspector",
            "modified_time": "2026-07-14T12:48:41Z",
            "import_time": "2026-07-14T13:35:49.084082746Z"
        },
        {
            "sha256": "c7933cd1ec11531feba788870555eeac615535d8e230b4d252880def9c68ff5e",
            "versions": [
                "1.0.0"
            ],
            "id": "IN-MAL-2026-010497",
            "source": "amazon-inspector",
            "modified_time": "2026-07-14T12:48:34Z",
            "import_time": "2026-07-14T13:35:48.961316868Z"
        },
        {
            "id": "pypi/2026-07-tennacity/tennacity",
            "versions": [
                "1.0.0",
                "1.2.0",
                "1.2.2"
            ],
            "modified_time": "2026-07-14T10:08:54.466025Z",
            "source": "kam193",
            "sha256": "c5dc783a91ddb736feade459a3d46377e880ee7769860342eb045fd01941d38b",
            "import_time": "2026-07-15T08:51:08.559315723Z"
        },
        {
            "id": "pypi/2026-07-tennacity/tennacity",
            "versions": [
                "1.0.0",
                "1.2.0",
                "1.2.2"
            ],
            "modified_time": "2026-07-14T10:08:54.466025Z",
            "source": "kam193",
            "sha256": "627140a0bd5a559a78ab8896b921155dbf2c8afa62b548b5d426ef83d59e0c05",
            "import_time": "2026-07-15T17:59:58.800319957Z"
        }
    ]
}
References
Credits

Affected packages

PyPI / tennacity

Package

Affected ranges

Affected versions

1.*
1.0.0
1.2.0
1.2.2

Database specific

cwes
[
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506"
    },
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506"
    },
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506"
    }
]
indicators
{
    "package_integrity": [
        {
            "filename": "tennacity-1.2.0-py3-none-any.whl",
            "hashes": {
                "blake2b_256": "5c629277a0509dd28282ee18665a5288213235790463fbd1fbde40b23e6b6bad",
                "md5": "a8d07dd976da71df1c6f6eb727128b58",
                "sha256": "38abd27082b71c47e53a2bd2143026df3b57481761e77b4f5ffdc917c545a547"
            }
        },
        {
            "filename": "tennacity-1.2.0.tar.gz",
            "hashes": {
                "blake2b_256": "f8b6aaa463bca6adc9bcf204043d9ab31f508b572f4e5a9ebe51cbffc8603c7f",
                "md5": "8088c48b152218a0dc9171d7f1156738",
                "sha256": "ea58c974bfd4e999c3b490f855a273f81deec8b708bc9c91c6e7e3fd6c379ee1"
            }
        }
    ],
    "evidence_files": [
        {
            "path": "tennacity/__init__.py",
            "sha256": "b03fab4dfa0e56ede3fe954cc98966f65b5c2f371caba5d596e09b604f2222af",
            "tlsh": "8912a382cc86b83101b29aad8c33c552fb4b5603466b64a5b4fc85d91f70876c5b29bf"
        },
        {
            "path": "setup.py",
            "tlsh": "66f0ac571e817ca002b5c0582d26bd19f539872b1a90c8cb36bc021d7f799c64a26394",
            "sha256": "5bd4f9841d25b32821ee55b5837c71163f0accc0a19311915ef3e345c0e2b1cd"
        }
    ]
}
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/tennacity/MAL-2026-10576.json"