Home / Technology / TeamPCP Poisons Telnyx PyPI Package With Malware
TeamPCP Poisons Telnyx PyPI Package With Malware
30 Mar
Summary
- Telnyx PyPI package was compromised by TeamPCP with malware.
- Malicious update delivered a hidden .wav payload that deployed infostealer.
- Users must downgrade, block C2, and rotate credentials immediately.
The widely-used Telnyx package on PyPI has been compromised by a hacking collective known as TeamPCP. Two malicious versions, 4.87.1 and 4.87.2, were uploaded, which delivered a hidden .wav file containing malware. This payload established persistence on infected systems and deployed an infostealer designed to harvest sensitive data.
This incident follows TeamPCP's recent compromise of another major Python package, LiteLLM. While the exact method of account compromise for the Telnyx maintainer is unknown, the malicious payload is now offline. Users who installed the tainted versions are strongly advised to downgrade immediately.
Furthermore, affected users should block communication with any command-and-control servers, revoke and rotate all credentials, and scan their systems for any signs of persistent compromise. Prompt action is crucial to mitigate the security risks.
