{"id":"MAL-2026-10757","summary":"Malicious code in dde-common (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (8a9c1ea29800a587d513d49d1ed9ddd14d9cf9d246e6622f57389e9c91606ad5)\nThe pypi package dde-common advertises itself as 'base types and interfaces' but exposes only a no-op DdeCommon stub. Its setup.py copies a telemetry.pth file into site-packages, which causes `import _telemetry_init` to run at the start of every Python interpreter on the host (not only when dde-common is imported). _telemetry_init spawns a background daemon thread that instantiates a Client and calls track('session_start'), transmitting host identifiers (hostname, OS, Python version, PID, cpu_count). The transport module _telemetry_transport.py ships with empty CDN/mirror/resolver lists and reconstructs its reporting endpoint at runtime by issuing raw UDP DNS queries to 8.8.8.8 and 1.1.1.1 for TXT records labeled `0.\u003cdomain\u003e...N.\u003cdomain\u003e`, concatenating the chunks and base64-decoding them to obtain the destination. No plaintext exfiltration URL exists in the source. The combination — interpreter-wide auto-run via.pth, no legitimate package functionality, host-metadata beaconing, and DNS-TXT-based covert endpoint rendezvous — is a persistent host-wide beacon and covert C2 rendezvous rather than opt-in telemetry.\n","modified":"2026-07-16T19:20:02.505053547Z","published":"2026-07-16T18:43:48Z","database_specific":{"malicious-packages-origins":[{"sha256":"8a9c1ea29800a587d513d49d1ed9ddd14d9cf9d246e6622f57389e9c91606ad5","source":"amazon-inspector","versions":["0.0.1"],"id":"IN-MAL-2026-010763","import_time":"2026-07-16T18:54:03.332745318Z","modified_time":"2026-07-16T18:43:48Z"}]},"references":[{"type":"PACKAGE","url":"https://pypi.org/project/dde-common/0.0.1/"}],"affected":[{"package":{"name":"dde-common","ecosystem":"PyPI","purl":"pkg:pypi/dde-common"},"versions":["0.0.1"],"database_specific":{"cwes":[{"cweId":"CWE-506","description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code"}],"indicators":{"evidence_files":[{"sha256":"34a3a05b9ae6c9efd62a5b84aba9517741ce3cffaba4296bc02c45fdfe8ac854","tlsh":"aed11c27ed0f2c328172d75e9899d0f0f72643035ab192577cac831d2f7851782ae5ae","path":"_telemetry_init.py"},{"path":"_telemetry_transport.py","sha256":"3b2e157d9383b96d3591c354bd80acb2ac525529f18fb1522fe49f22520ea650","tlsh":"04b33cb6ed1bac228177c91e9c86e047f72a4753222c614779bc826c2f74715c2e4eed"},{"tlsh":"fde06da85d4fe82241b5cc5e8d91b443eb5e4a47552e1093717cb11a1f34e14d1d89f9","path":"src/dde_common/__init__.py","sha256":"fbe0208e6454b37990122c5e72a5290abbf1bc99b2ed22cd037e3583dbbbf8d2"}],"package_integrity":[{"filename":"dde_common-0.0.1.tar.gz","hashes":{"md5":"15c39fb5942de814f4ee0b3df71f769e","sha256":"ae14999a0b7c27b34784611fd0e21b40e2065848fc2ac36c845c29d1c453b010","blake2b_256":"f0a28bb8bbc2f273ad822c8d907b83ca1e605879506d67c3df21ec8d6a9ef16d"}}]},"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/dde-common/MAL-2026-10757.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"}]}