MAL-2026-5458

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/ultimate-ai-power/MAL-2026-5458.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-5458
Published
2026-06-09T16:53:29Z
Modified
2026-06-11T13:46:36.292680426Z
Summary
Malicious code in ultimate-ai-power (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (90499eb8f54fcc67c067ef7d5397153b4abfc5bbca9d96e7deb291152f49ed3f)

On import ultimate_ai_power, the package's top-level __init__.py collects the local username (getpass.getuser) and resolved host IP (socket.gethostbyname) and POSTs them to a hardcoded Telegram Bot API endpoint (bot token 8844473290:AAGY..., chat ID 7095972030); a second beacon is sent via an atexit handler. The advertised AI functions (aipowerboost, neuralenhance, quantum_compute) are placeholders that return constant strings; the package has no real functionality beyond the exfiltration beacon. Metadata uses a placeholder author 'AI Innovation Labs' with a non-existent GitHub org. Cover-story messages in the beacon payload are written in Russian. Any installer who imports the package leaks identifying host/user information to the attacker.

Source: kam193 (70f226090d6e1bc8acebdeff932907dda5bcf88c21b6c47d25360cd69a606f0d)

Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose.


Category: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.

Campaign: GENERIC-standard-pypi-install-pentest

Reasons (based on the campaign):

  • The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.

  • The package overrides the install command in setup.py to execute malicious code during installation.

Database specific
{
    "malicious-packages-origins": [
        {
            "versions": [
                "1.0.0"
            ],
            "sha256": "70f226090d6e1bc8acebdeff932907dda5bcf88c21b6c47d25360cd69a606f0d",
            "source": "kam193",
            "modified_time": "2026-06-09T16:53:29.551414Z",
            "import_time": "2026-06-09T17:45:57.534521243Z",
            "id": "pypi/GENERIC-standard-pypi-install-pentest/ultimate-ai-power"
        },
        {
            "versions": [
                "1.0.0"
            ],
            "sha256": "90499eb8f54fcc67c067ef7d5397153b4abfc5bbca9d96e7deb291152f49ed3f",
            "modified_time": "2026-06-11T13:06:25Z",
            "source": "amazon-inspector",
            "import_time": "2026-06-11T13:27:20.84823521Z",
            "id": "IN-MAL-2026-005735"
        },
        {
            "versions": [
                "1.0.0"
            ],
            "sha256": "4ffa5cc89780d430fb5cea5c6c9916d5369443a431c74cc46beb1c7ebb23c763",
            "modified_time": "2026-06-11T13:06:25Z",
            "source": "amazon-inspector",
            "id": "IN-MAL-2026-005736",
            "import_time": "2026-06-11T13:27:20.885338232Z"
        }
    ]
}

Affected packages

PyPI / ultimate-ai-power

Package

Name
ultimate-ai-power
Purl
pkg:pypi/ultimate-ai-power

Affected ranges

Affected versions

1.*
1.0.0

Database specific

indicators
{
    "package_integrity": [
        {
            "filename": "ultimate_ai_power-1.0.0-py3-none-any.whl",
            "hashes": {
                "sha256": "8a95c959d0c5b02efe5b9687060423cf78ff2a187f9b1c0e41b944d00f2fac41",
                "md5": "b75ac81c854da96d55f42d021dd86edf",
                "blake2b_256": "ca1cc178e8075001b0c0fd1dd0a5501373f9fca857fcd6420bfd148a9e1ab882"
            }
        },
        {
            "filename": "ultimate_ai_power-1.0.0.tar.gz",
            "hashes": {
                "sha256": "b7745bd67c11e211714b1254d6e4ae202e58f7ca6998e2701393c5b1e2786435",
                "md5": "77954527f4cd32fbedaedf48fce2ad0d",
                "blake2b_256": "3742802bbd4cb03862c91d437e69436840cc8d2b2cc27928cef2b003bea8b4d1"
            }
        }
    ],
    "evidence_files": [
        {
            "sha256": "7224250450ce51f8fb00fdd1f136cd6b430c22745e4e582c83a313e692e386a7",
            "path": "src/ultimate_ai_power/__init__.py",
            "tlsh": "55513217ed1e1510a272816fa441e1ade92a621b2b496433f8ecc6719f75c32c2f57dc"
        }
    ],
    "domains": [
        "api.telegram.org"
    ]
}
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/ultimate-ai-power/MAL-2026-5458.json"
cwes
[
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506"
    }
]