Keep in mind Marak was active in the issue tracker afterwards pretending to be fixing the "bug". Marak didn't change the description, readme, or roadmap of the package. He passed the release off as a functioning library that deliberately crashes any process that used the library. That is a Trojan.
This still describes a very standard industrial sabotage. Quite often workers will continue deliberating confusion as part of the sabotage, either to cover their tracks or to maximize the time of diminished production. The goal is still the same.
