https://feed.craftedsignal.io/tags/teampcp/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioMon, 30 Mar 2026 19:15:30 +0000https://feed.craftedsignal.io/briefs/2026-03-telnyx-pypi-compromise/Mon, 30 Mar 2026 19:15:30 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-telnyx-pypi-compromise/A threat actor compromised the PyPI package `telnyx`, uploading malicious versions 4.87.1 and 4.87.2 containing credential-stealing malware that exfiltrates data to a C2 server.On March 27, 2026, the telnyx Python package on PyPI was compromised by TeamPCP, resulting in the distribution of malicious versions 4.87.1 and 4.87.2. The attacker, having gained unauthorized access to PyPI credentials, bypassed the legitimate GitHub release pipeline to upload these compromised packages directly. These versions contain malware designed to harvest sensitive credentials from infected systems and exfiltrate them to a command-and-control (C2) server. The malicious packages were available for approximately 6 hours before being quarantined by PyPI. Version 4.87.1 contained a typo preventing execution, making 4.87.2 the fully functional malicious version. This incident highlights the risk of supply chain attacks targeting open-source package repositories, potentially affecting any system that installed the telnyx package during the exposure window.

Attack Chain

1. The attacker gains unauthorized access to PyPI credentials for the telnyx package.
2. The attacker uploads malicious versions 4.87.1 and 4.87.2 of the telnyx package to PyPI, bypassing the legitimate GitHub repository.
3. When a user installs or upgrades to the malicious telnyx package, the injected malware within telnyx/_client.py executes upon importing the library (import telnyx).
4. On Linux/macOS systems, the malware spawns a detached subprocess to ensure persistence and downloads a payload hidden inside a WAV audio file (ringtone.wav) from the C2 server at http://83.142.209.203:8080/.
5. The downloaded payload harvests sensitive credentials, including SSH keys, AWS/GCP/Azure credentials, Kubernetes tokens, Docker configurations, .env files, database credentials, and crypto wallets.
6. If Kubernetes access is detected, the malware deploys privileged pods to all nodes for lateral movement within the Kubernetes cluster.
7. The collected data is encrypted using AES-256-CBC and RSA-4096, then exfiltrated to the C2 server, identified by the header X-Filename: tpcp.tar.gz.
8. On Windows, a binary payload hidden in hangup.wav is downloaded from http://83.142.209.203:8080/, dropped as msbuild.exe in the Startup folder for persistence, and executed with a hidden window, polling the endpoint http://83.142.209.203:8080/raw.

Impact

The compromise of the telnyx PyPI package poses a significant risk to developers and organizations that use the library. Successful exploitation leads to the theft of sensitive credentials, potentially granting the attacker unauthorized access to critical infrastructure, cloud resources, and sensitive data. TeamPCP’s previous campaign against LiteLLM and the similarities in this attack suggest a pattern of targeting open-source projects to infiltrate developer environments and steal secrets. The impact includes potential data breaches, financial losses, and reputational damage. The exposure window was approximately 6 hours during which vulnerable versions were available.

Recommendation

• Immediately check for the presence of malicious telnyx package versions (4.87.1 or 4.87.2) in your environment using the provided commands and uninstall them (pip uninstall telnyx).
• Due to the credential-stealing nature of the malware, rotate all potentially exposed secrets, including SSH keys, cloud provider credentials (AWS, GCP, Azure), Kubernetes tokens, Docker registry credentials, database passwords, API keys in .env files, and Telnyx API keys.
• Check for persistence mechanisms used by the malware, specifically the audiomon service and associated files on Linux/macOS, and the msbuild.exe executable in the Startup folder on Windows, based on the file paths provided in the “Filesystem” section.
• Block the identified C2 IP address (83.142.209.203) and payload URLs (http://83.142.209.203:8080/ringtone.wav, http://83.142.209.203:8080/hangup.wav, http://83.142.209.203:8080/raw) at your network perimeter.
• Deploy the following Sigma rule to detect the creation of msbuild.exe in the Startup folder.
• Pin the telnyx package to the safe version 4.87.0 in your project dependencies to prevent future installations of compromised versions.

]]>criticalthreatsupply-chainpypicredential-theftteampcphttps://feed.craftedsignal.io/briefs/2026-03-canisterworm-kubernetes-wiper/Mon, 23 Mar 2026 12:00:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-canisterworm-kubernetes-wiper/TeamPCP's CanisterWorm is a newly identified Kubernetes wiper targeting Iranian infrastructure, indicating a politically motivated destructive attack.TeamPCP has deployed a Kubernetes wiper named CanisterWorm, specifically targeting Iranian infrastructure. This destructive malware is designed to obliterate data within Kubernetes environments. The wiper’s emergence in March 2026 signals a heightened level of cyber aggression, particularly given the geopolitical context. Defenders need to be aware of the potential for significant operational disruption and data loss. The targeting of Kubernetes environments reflects a sophisticated understanding of modern infrastructure and the increasing reliance on containerization technologies. This campaign requires immediate attention and proactive security measures to mitigate the risk of successful attacks.

Attack Chain

1. Initial compromise of a node within the Kubernetes cluster, possibly via exploiting a known vulnerability or through compromised credentials.
2. CanisterWorm gains elevated privileges within the compromised node, potentially using techniques such as privilege escalation exploits.
3. Discovery of other nodes and resources within the Kubernetes cluster through reconnaissance activities, leveraging the Kubernetes API.
4. Lateral movement to other nodes using stolen credentials or by exploiting trust relationships between nodes.
5. Execution of CanisterWorm on each targeted node, initiating the data wiping process.
6. Overwriting critical system files and data volumes within the containers and pods.
7. Corruption of Kubernetes configuration files, leading to instability and potential cluster failure.
8. Final stage involves the complete destruction of data within the Kubernetes environment, rendering the affected systems unusable.

Impact

The successful deployment of CanisterWorm results in widespread data loss and service disruption within the targeted Kubernetes environments. This can lead to significant financial losses, reputational damage, and operational downtime. Given the targeting of Iranian infrastructure, this attack has the potential to impact critical services and government operations. The complete destruction of data necessitates extensive recovery efforts and may result in permanent data loss if backups are not available or are also compromised.

Recommendation

• Monitor Kubernetes API server logs for suspicious activity, particularly attempts to list or access sensitive resources to detect reconnaissance (reference: Attack Chain step 3).
• Implement network segmentation and strict access controls within the Kubernetes cluster to limit lateral movement (reference: Attack Chain step 4).
• Deploy the Sigma rule Detect Suspicious Kubernetes Pod Deletion to identify potential wipe attempts.
• Review and harden Kubernetes security configurations, including RBAC (Role-Based Access Control) policies, to prevent unauthorized access (reference: Attack Chain step 2).

]]>criticalthreatkuberneteswiperirancanisterwormteampcpdestructive-attack