TeamPCP Compromises Telnyx PyPI Package to Deliver Steganographic Malware

The TeamPCP hacking group compromised the official Telnyx PyPI package today, publishing malicious versions 4.87.1 and 4.87.2 that deliver credential-stealing malware concealed within WAV audio files. The popular software development kit, which averages over 740,000 monthly downloads, was breached using stolen publishing account credentials. Attackers corrected a non-functional payload in the first version within an hour, releasing a fully operational backdoor in version 4.87.2.

The malicious code resides in the telnyx/_client.py file and runs automatically when the package is imported. On Linux and macOS systems, it downloads a WAV file, recovers the payload embedded in it by XOR decoding, and executes that payload to harvest SSH keys, cloud tokens, cryptocurrency wallets, and environment variables. When Kubernetes is detected, the malware enumerates cluster secrets and deploys privileged pods to access host systems.

Windows targets receive a different WAV file that extracts an executable placed in the Startup folder for persistence, with a lock file preventing repeated execution within twelve-hour windows. Security researchers attribute this attack to TeamPCP based on consistent exfiltration patterns and RSA keys seen in previous campaigns against Aqua Security's Trivy and LiteLLM. Version 4.87.0 remains clean, and developers are urged to roll back immediately. Any system that imported the compromised versions should be treated as fully breached with all secrets requiring immediate rotation.
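A defender-side check that follows from the version facts above, added here as an example (it is not code from the article, from Telnyx or from the researchers): it audits requirements-style pins for the compromised releases, flags unpinned or range pins that would resolve to them, and assumes simple numeric versions with the comparison operators handled below.

```python
"""Audit Python dependency pins for the compromised telnyx releases.

Version facts come from the write-up: 4.87.1 and 4.87.2 are malicious,
4.87.0 is the last clean release. Stdlib-only approximation of PEP 440
for plain numeric versions; '~=' and extras are not handled (a pin this
parser cannot read is treated as unpinned and therefore flagged).
"""
import re

COMPROMISED = {"4.87.1", "4.87.2"}
LAST_CLEAN = "4.87.0"
# package name, then zero or more comma-separated comparison clauses
LINE_RE = re.compile(r"^\s*([A-Za-z0-9_.-]+)\s*((?:[<>=!]=?\s*[0-9.]+\s*,?\s*)*)")

def parse_version(text):
    return tuple(int(p) for p in text.strip().split("."))

def specifier_admits(spec_text, version):
    """True if every clause in e.g. '>=4.80,<5' is satisfied by version."""
    ver = parse_version(version)
    ops = {"==": lambda a, b: a == b, "!=": lambda a, b: a != b,
           ">=": lambda a, b: a >= b, "<=": lambda a, b: a <= b,
           ">": lambda a, b: a > b, "<": lambda a, b: a < b}
    for clause in filter(None, (c.strip() for c in spec_text.split(","))):
        m = re.match(r"(==|!=|>=|<=|>|<)\s*([0-9.]+)$", clause)
        if not m or not ops[m.group(1)](ver, parse_version(m.group(2))):
            return False
    return True  # an empty specifier (unpinned) admits every version

def audit_requirements(lines):
    """Return (line, reason) pairs for telnyx pins that admit a bad release."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m.group(1).lower() != "telnyx":
            continue
        admitted = sorted(v for v in COMPROMISED if specifier_admits(m.group(2), v))
        if admitted:
            findings.append((line.strip(), "resolves to compromised " + ", ".join(admitted)))
    return findings

# Constructed sample requirements file, not taken from any real project.
SAMPLE_REQUIREMENTS = ["requests==2.31.0", "telnyx>=4.80,<5", "telnyx==4.87.0"]

if __name__ == "__main__":
    for line, reason in audit_requirements(SAMPLE_REQUIREMENTS):
        print(f"{line}: {reason}; pin to telnyx=={LAST_CLEAN} and rotate secrets")
```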
