MAL-2026-10754

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/airflow-provider-spirit/MAL-2026-10754.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-10754
Published
2026-07-16T18:41:57Z
Modified
2026-07-16T19:20:02.477702961Z
Summary
Malicious code in airflow-provider-spirit (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (b565bd72c6acb3adb077ac7923ddf40d12a4922cb8bea5d22a43590e7c57d8e6)

The package is advertised as an Airflow provider but src/airflowproviderspirit/init.py contains only a 20-line stub with no Airflow integration. setup.py's custom install command copies telemetry.pth into site-packages; that.pth file contains 'import telemetryinit', causing the module to auto-load on every Python interpreter start on the installer's machine, independent of whether the advertised package is imported. telemetryinit.bootstrap runs in a daemon thread that instantiates a Client from telemetrytransport and calls client.track('sessionstart'), collecting hostname (platform.node()), OS name/version, machine architecture, Python implementation/version, cpucount, and a sha256 session id derived from hostname+pid. telemetrytransport.ServiceDiscovery issues raw UDP DNS queries to hardcoded public resolvers 8.8.8.8 and 1.1.1.1, retrieves TXT records under an 'N.<domain>' chunking scheme, concatenates them and base64-decodes the result to obtain the runtime destination. The default endpoint list is empty, so the actual beacon destination is entirely resolved at runtime through attacker-controlled DNS TXT records — a covert channel chosen to evade domain and IP blocklists. Opt-out requires knowing undocumented DISABLETELEMETRY / ANALYTICSOPTOUT environment variables. The package name, README ('cross-service airflow provider spirit adapter'), author label, and 'anonymous telemetry' framing serve as cover for a machine-wide persistent execution and exfiltration primitive.

Database specific
{
    "malicious-packages-origins": [
        {
            "modified_time": "2026-07-16T18:41:57Z",
            "sha256": "b565bd72c6acb3adb077ac7923ddf40d12a4922cb8bea5d22a43590e7c57d8e6",
            "versions": [
                "0.0.1"
            ],
            "import_time": "2026-07-16T18:54:02.665917251Z",
            "source": "amazon-inspector",
            "id": "IN-MAL-2026-010750"
        }
    ]
}
References
Credits

Affected packages

PyPI / airflow-provider-spirit

Package

Name
airflow-provider-spirit
View open source insights on deps.dev
Purl
pkg:pypi/airflow-provider-spirit

Affected ranges

Affected versions

0.*
0.0.1

Database specific

cwes
[
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    }
]
indicators
{
    "package_integrity": [
        {
            "filename": "airflow_provider_spirit-0.0.1.tar.gz",
            "hashes": {
                "sha256": "81559beccd362b44d45379a5d1d7684813f7b6626c4a8e8c6297dc6d73ccd4ce",
                "blake2b_256": "2d61283587f7e15fee2912cd88dbb6613d2a13f236c8a3e37946e3874ce41795",
                "md5": "f30a8a03278a36f099ab4f3df297b91c"
            }
        }
    ],
    "evidence_files": [
        {
            "tlsh": "2a21986b8ca5283055f5c9249d63c895fa641317bd20d48b7afc43083f792e2cb4b157",
            "sha256": "c6b596eb61bf2e9b8e9483c48b1d55c567cd221b9d3e038f7233ccfb71609531",
            "path": "setup.py"
        },
        {
            "tlsh": "aed11c27ed0f2c328172d75e9899d0f0f72643035ab192577cac831d2f7851782ae5ae",
            "sha256": "34a3a05b9ae6c9efd62a5b84aba9517741ce3cffaba4296bc02c45fdfe8ac854",
            "path": "_telemetry_init.py"
        },
        {
            "tlsh": "04b33cb6ed1bac228177c91e9c86e047f72a4753222c614779bc826c2f74715c2e4eed",
            "sha256": "3b2e157d9383b96d3591c354bd80acb2ac525529f18fb1522fe49f22520ea650",
            "path": "_telemetry_transport.py"
        },
        {
            "tlsh": "89f0a0a89d5be82240b5cc5f5d61b843eb2d0a47491e1093717ca11e0f35e08c5c89e9",
            "sha256": "69e4a325cdbb0cc2ac91818b2b551f024cc2614b8a272c00990919a820809842",
            "path": "src/airflow_provider_spirit/__init__.py"
        }
    ]
}
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/airflow-provider-spirit/MAL-2026-10754.json"