Telnyx Python SDK hides credential stealer in WAV-file steganography
TeamPCP published malicious telnyx 4.87.1 and 4.87.2 to PyPI on 27 March 2026 (~670k monthly downloads). Trojanised _client.py downloads steganographic payloads disguised as .wav files over plaintext HTTP, extracts the credential stealer, and persists. Windows variant drops msbuild.exe to the Startup folder; Linux variant uses a user-level systemd service. AES-256-CBC + RSA-4096 envelope for exfil.
- Threat actor
- TeamPCP
- Detected by
- JFrog
- Ecosystems
- PyPI
- Packages tracked
- 1
What happened
On 27 March 2026 the threat group TeamPCP published two trojanised releases of telnyx (4.87.1 and 4.87.2) — the official Python SDK for the Telnyx voice/SMS platform with roughly 670k monthly downloads. The malicious code lives inside telnyx/_client.py and runs the moment any consumer imports the SDK.
The loader pulls steganographic payloads from 83.142.209.203:8080/hangup.wav and /ringtone.wav over plaintext HTTP. Audio frames hide a base64 + XOR-encoded blob that decrypts into a credential stealer. Exfiltration uses an AES-256-CBC payload wrapped in an RSA-4096 envelope, tagged with the header X-Filename: tpcp.tar.gz.
Persistence is OS-specific:
- Windows drops
msbuild.exeinto%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\and uses an.lockcompanion file. - Linux installs a user-level
audiomon.servicesystemd unit under~/.config/systemd/user/backed by~/.config/audiomon/.
This is TeamPCP's second high-impact campaign in a week — JFrog tied the same actor to the earlier litellm PyPI compromise. PyPI quarantined both versions, but any environment that resolved telnyx>=4.87.1 during the live window should treat developer credentials and host metadata as compromised.
Affected packages (1)
- PyPI
telnyx4.87.14.87.2
Impact
- Persistent Windows execution as msbuild.exe in Startup
- Linux user-level systemd persistence (audiomon.service)
- Credential and host-metadata exfiltration to attacker C2
- Targets developers integrating with Telnyx voice/SMS APIs
What to do
- 1Downgrade to
telnyx4.87.0 or earlier - 2Delete
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\msbuild.exe - 3Remove
~/.config/audiomon/and~/.config/systemd/user/audiomon.service - 4Block 83.142.209.203:8080 and the
/hangup.wav,/ringtone.wavURIs