-= Per source details. Do not edit below this line.=-
setup.py executes a _beacon() function at module top level (before setup() is called), so the payload fires automatically on pip install inversiones-common. The beacon collects: hostname, id/uname output, environment variables (including PIPINDEXURL, OKTATOKEN, AWS*, GITHUB_*, and proxy credentials), /etc/resolv.conf, /etc/hosts, /etc/machine-id, pip configuration files (~/.config/pip/pip.conf, /etc/pip.conf, ~/.pip/pip.conf) which commonly contain private-index basic-auth credentials, pip list output, network interface details, and probes the AWS IMDSv1 endpoint at http://169.254.169.254/latest/meta-data/iam/security-credentials/ along with GCP and Azure metadata services to harvest cloud instance role credentials. The collected JSON blob is POSTed over plain HTTP to a hardcoded bare IP http://157.173.126.113:8888/depconf-rce-v2. The package name inversiones-common and version 99.0.1 (an artificially high version chosen to outrank private-index resolutions) target Fintual's internal namespace; the payload includes a FINTUAL-DEPCONF-RCE-V2 marker and probes gitea.fintual.in. Self-described 'authorized bug bounty' framing in the source does not limit blast radius — anyone whose pip resolver picks up this public package, by typo or namespace confusion, will run the beacon and leak secrets to the attacker IP.
Generic campaign for all (likely) research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side.
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: GENERIC-questionable-pentest
Reasons (based on the campaign):
exfiltration-env-variables
exfiltration-generic
The package overrides the install command in setup.py to execute malicious code during installation.
typosquatting
The OpenSSF Package Analysis project identified 'inversiones-common' @ 99.0.1 (pypi) as malicious.
It is considered malicious because:
{
"malicious-packages-origins": [
{
"source": "kam193",
"sha256": "db7e12d838a02b689989300eb5fc231e541d2f4af8fd6d92d23baf697d9754f9",
"modified_time": "2026-06-22T10:56:53.594885Z",
"import_time": "2026-06-22T12:33:31.557578192Z",
"id": "pypi/GENERIC-questionable-pentest/inversiones-common",
"versions": [
"99.0.0",
"99.0.1"
]
},
{
"source": "ossf-package-analysis",
"sha256": "84c429f2131d4d031e80894355e2d5ef70eefa3eccb712653fdd6adeca1fe0c8",
"import_time": "2026-06-22T12:33:26.695149943Z",
"modified_time": "2026-06-22T07:54:20Z",
"versions": [
"99.0.1"
]
},
{
"source": "amazon-inspector",
"sha256": "347a767ebbbb5843e6b005c167d98c9ab7b3ea943fadd88401682f2a2b14b2a4",
"modified_time": "2026-06-22T16:27:37Z",
"import_time": "2026-06-22T16:36:58.75437746Z",
"id": "IN-MAL-2026-007109",
"versions": [
"99.0.1"
]
},
{
"source": "amazon-inspector",
"sha256": "4e39d60f016df0f8ce946f3ffc9ea2a8f28268b1f6519806dc51ce75f50c621b",
"id": "IN-MAL-2026-007110",
"import_time": "2026-06-22T16:36:58.833840283Z",
"modified_time": "2026-06-22T16:27:40Z",
"versions": [
"99.0.0"
]
}
]
}"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/inversiones-common/MAL-2026-6262.json"
[
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
}
]
{
"package_integrity": [
{
"hashes": {
"sha256": "7608f0765adad5e72f6cb53c5598ae95814678d60648857934d20f7a0aaca80c",
"blake2b_256": "0567c4c23dff4718891fbcfedebe8e4278dd6bb20bc4ad83dfe04d4208c41a7f",
"md5": "810ba6428d37c8d4aefaa2396622327a"
},
"filename": "inversiones_common-99.0.1.tar.gz"
}
],
"evidence_files": [
{
"path": "setup.py",
"sha256": "7832d475f220044f46115d45b71e1c948c75fa90365c0d60946e953d4b35a9ef",
"tlsh": "6cc18288d825bd23b287e518b4795401733a6e6b1e41b8397bdd4a7c1fcf02ef071a94"
}
]
}