{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/steganography/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":["TeamPCP"],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["supply chain attack","pypi","credential theft","steganography"],"_cs_type":"threat","_cs_vendors":[],"content_html":"\u003cp\u003eOn March 27, 2026, the Telnyx package on the Python Package Index (PyPI) was compromised by the threat actor TeamPCP. Malicious versions 4.87.1 and 4.87.2 were uploaded, containing credential-stealing malware concealed within WAV audio files. This supply-chain attack targeted developers using the Telnyx Python SDK, a popular package with over 740,000 monthly downloads, used for integrating communication services into applications. The malicious code resides in the \u003ccode\u003etelnyx/_client.py\u003c/code\u003e file and executes upon import. The compromise is believed to have originated from stolen credentials for the publishing account on the PyPI registry. TeamPCP has been linked to previous supply-chain attacks and wiper campaigns against Iranian systems, highlighting the group\u0026rsquo;s focus on disrupting software development and infrastructure.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eTeamPCP gains unauthorized access to the Telnyx PyPI account, likely through credential theft.\u003c/li\u003e\n\u003cli\u003eMalicious versions 4.87.1 and 4.87.2 of the Telnyx package are published to PyPI.\u003c/li\u003e\n\u003cli\u003eWhen a developer installs the compromised Telnyx package, the \u003ccode\u003etelnyx/_client.py\u003c/code\u003e file is executed upon import.\u003c/li\u003e\n\u003cli\u003eOn Linux and macOS, a detached process is spawned to download a second-stage payload disguised as a WAV audio file (\u003ccode\u003eringtone.wav\u003c/code\u003e) from a remote command-and-control (C2) server.\u003c/li\u003e\n\u003cli\u003eSteganography is used to hide malicious code within the WAV file\u0026rsquo;s data frames.\u003c/li\u003e\n\u003cli\u003eThe embedded payload is extracted using an XOR-based decryption routine and executed in memory.\u003c/li\u003e\n\u003cli\u003eThe malware harvests sensitive data, including SSH keys, credentials, cloud tokens, cryptocurrency wallets, and environment variables.\u003c/li\u003e\n\u003cli\u003eIf Kubernetes is present, the malware enumerates cluster secrets and deploys privileged pods to access underlying host systems. On Windows, a different WAV file (\u003ccode\u003ehangup.wav\u003c/code\u003e) is downloaded that extracts and saves an executable named \u003ccode\u003emsbuild.exe\u003c/code\u003e to the startup folder for persistence.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThis supply chain attack could result in widespread compromise of systems utilizing the Telnyx Python SDK. Over 740,000 monthly downloads indicate a large potential victim pool. Stolen credentials and secrets can lead to unauthorized access to cloud resources, sensitive data exfiltration, and further lateral movement within compromised networks. For systems running Kubernetes, the attacker could gain control over the entire cluster, leading to significant disruption and data loss. Developers who installed the malicious packages are advised to consider their systems fully compromised and rotate all secrets as soon as possible.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIdentify and remove Telnyx versions 4.87.1 and 4.87.2 from all environments, reverting to version 4.87.0 as recommended by the vendor.\u003c/li\u003e\n\u003cli\u003eMonitor network connections for processes spawned by Python interpreters (\u003ccode\u003epython.exe\u003c/code\u003e, \u003ccode\u003epython3\u003c/code\u003e) attempting to download files with the \u003ccode\u003e.wav\u003c/code\u003e extension, using the \u0026ldquo;Detect Suspicious Python WAV Download\u0026rdquo; Sigma rule provided below.\u003c/li\u003e\n\u003cli\u003eImplement stricter controls and multi-factor authentication for PyPI accounts used to publish packages to prevent similar supply chain attacks.\u003c/li\u003e\n\u003cli\u003eDeploy the \u0026ldquo;Detect msbuild.exe in Startup Folder\u0026rdquo; Sigma rule to identify potential persistence attempts on Windows systems.\u003c/li\u003e\n\u003cli\u003eRotate all secrets and credentials on any system that has imported the malicious Telnyx package.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-03-28T12:00:00Z","date_published":"2026-03-28T12:00:00Z","id":"/briefs/2026-03-teampcp-telnyx/","summary":"The TeamPCP threat actor compromised the Telnyx PyPI package, injecting credential-stealing malware hidden within WAV audio files to target Linux, macOS, and Windows systems.","title":"TeamPCP Backdoors Telnyx PyPI Package with Steganographic Malware","url":"https://feed.craftedsignal.io/briefs/2026-03-teampcp-telnyx/"}],"language":"en","title":"CraftedSignal Threat Feed — Steganography","version":"https://jsonfeed.org/version/1.1"}