This file collects system information (hostname via platform.node(), username via getpass.getuser(), current working directory via os.getcwd()) and transmits it to external URLs, including dnipqouebm-psl[.]cn[.]oast-cn[.]byted-dast[.]com001, oqvignkp58-psl[.]i18n[.]oast-row[.]byted-dast[.]com/realtime_p/pypi/001, and sbfwstspuutiarcjzptf0rueg2x53eh2c[.]oast[.]fun. These domains appear suspicious and serve no legitimate functionality, strongly suggesting malicious intent. The internet requests include sensitive data, posing a high risk of unauthorized data exfiltration.
Live on PyPI for 54 minutes before removal. Socket users were protected even while the package was live.