TeamPCP's Telnyx Attack - New Tactics with WAV Payloads
In short: TeamPCP is hiding credential-stealing code inside audio (WAV) files to harvest credentials from affected machines.
TeamPCP has launched a new attack using WAV-based payloads to steal credentials from users of the Telnyx SDK. This shift in tactics highlights the evolving nature of cyber threats. Users should downgrade to the last known safe version immediately to protect their systems.
What Happened
On March 27, 2026, TeamPCP launched a new attack by publishing malicious versions of the Telnyx Python SDK on PyPI. This attack follows their earlier LiteLLM campaign, marking a significant shift in their tactics. The malicious versions, 4.87.1 and 4.87.2, were designed to activate upon import, utilizing a stealthy approach to steal credentials across multiple operating systems, including Linux, macOS, and Windows.
The attack used WAV-based payloads to conceal the credential-stealing malware, making it harder to detect. The malicious code was injected into the SDK, specifically into the _client.py file, and ran as soon as the Telnyx module was imported. Hiding the payload in audio data let it pass a visual inspection of the source, posing a serious risk to anyone who installed these versions.
Who's Being Targeted
The Telnyx SDK is widely used, with over 700,000 downloads in February alone. This broad user base makes it an attractive target for attackers. Any system that installed the compromised versions is considered fully compromised. Users across Linux, macOS, and Windows platforms are at risk, especially those who have not yet downgraded to the last known clean release, Telnyx 4.87.0.
The attack is particularly concerning because it expands the group's targeting from Linux-only systems to Windows as well. This dual-platform targeting increases the potential impact, since a larger number of users and systems can be affected.
Signs of Infection
Users should be vigilant for several signs of a potential infection. Indicators include unexpected downloads of WAV files from IP addresses that do not normally serve media, the presence of unauthorized msbuild.exe binaries in user Startup folders, and outbound HTTP requests carrying specific headers such as X-Filename: tpcp.tar.gz.
Additionally, the malware employs an anti-replay mechanism that hides lock files, complicating detection efforts. Organizations should monitor their systems for these behaviors and take immediate action if detected.
How to Protect Yourself
To mitigate the risks of this attack, organizations should act proactively. First, any installation of Telnyx version 4.87.1 or 4.87.2 should be downgraded to the last known clean release, 4.87.0. Any system that imported the affected versions must be treated as compromised and handled accordingly.
Furthermore, organizations are advised to pin all PyPI dependencies by hash and closely monitor CI/CD environments for unexpected audio file downloads. By staying vigilant and implementing these recommendations, users can better protect themselves against this evolving threat landscape.
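The checks described in the two sections above, as an added example (not code from Telnyx, TeamPCP, or the original advisory): it reads the installed Telnyx version from package metadata rather than importing the module (the malicious releases run on import), scans free-text proxy log lines for the WAV-from-IP and X-Filename indicators, and lists requirements that are not pinned by hash. The log format, hostnames and IP addresses are constructed; only the version numbers and the header value come from the advisory.

```python
import re
from importlib import metadata

# Release numbers named in the advisory above.
MALICIOUS_VERSIONS = {"4.87.1", "4.87.2"}
LAST_CLEAN_VERSION = "4.87.0"

# Indicators from "Signs of Infection": the exfiltration header, and a .wav
# fetched from a bare IPv4 literal instead of a named media/CDN host.
HEADER_IOC = re.compile(r"X-Filename:\s*tpcp\.tar\.gz", re.IGNORECASE)
WAV_FROM_IP = re.compile(r"https?://\d{1,3}(?:\.\d{1,3}){3}(?::\d+)?/\S*\.wav\b", re.IGNORECASE)


def installed_telnyx_version():
    """Read the version from package metadata WITHOUT importing telnyx:
    the malicious releases execute their payload on import."""
    try:
        return metadata.version("telnyx")
    except metadata.PackageNotFoundError:
        return None


def classify_version(version):
    """'malicious' for the two known-bad releases, 'clean' for the last known
    clean release, 'unlisted' for anything the advisory does not cover."""
    if version in MALICIOUS_VERSIONS:
        return "malicious"
    return "clean" if version == LAST_CLEAN_VERSION else "unlisted"


def scan_proxy_log(lines):
    """Return (line_number, indicator) for free-text log lines matching an IOC."""
    hits = []
    for n, line in enumerate(lines, 1):
        if HEADER_IOC.search(line):
            hits.append((n, "X-Filename: tpcp.tar.gz exfil header"))
        elif WAV_FROM_IP.search(line):
            hits.append((n, "WAV download from bare IP"))
    return hits


def unpinned_requirements(requirements_text):
    """Requirement lines with no --hash=, i.e. not pinned by hash. Backslash
    continuation lines are folded in so a hashed entry is judged as a whole."""
    joined = requirements_text.replace("\\\n", " ")
    return [ln.strip() for ln in joined.splitlines()
            if ln.strip() and not ln.lstrip().startswith("#") and "--hash=" not in ln]


# Constructed sample proxy log lines; hosts and IPs are documentation examples.
SAMPLE_LOG = [
    "2026-03-27T09:12:01Z 10.0.0.5 GET https://cdn.example.net/ring.wav 200",
    "2026-03-27T09:12:07Z 10.0.0.5 GET http://203.0.113.7/a.wav 200",
    "2026-03-27T09:12:09Z 10.0.0.5 POST http://203.0.113.7/up X-Filename: tpcp.tar.gz 200",
]
```

Run `classify_version(installed_telnyx_version())` on each host that may have pulled the SDK; a result of "malicious" means the host is to be treated as compromised, as the advisory states.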