Malicious PyPI packages give hackers control of Telegram bot servers
Security researchers have identified malicious packages on the Python Package Index (PyPI) that let attackers take control of the servers on which Telegram bots run. The packages pose as legitimate Telegram bot libraries but carry code that opens remote access to the host system; once installed, that code can execute commands, exfiltrate data and potentially pivot to other systems. The campaign targets developers who integrate Telegram bots into their applications and relies on the trust placed in open-source packages to get the malware installed. The source does not state how many packages were involved or how often they were downloaded, but the case illustrates a persistent software supply-chain risk: a dependency runs with the full privileges of the process that installs and imports it, so a look-alike package is as dangerous as a compromised one.
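As an added example (not code from the article or from any package it describes), here is a pre-install check a developer could run on a candidate dependency before it reaches a bot server: it flags package names that imitate well-known Telegram bot libraries on PyPI, and it statically scans a setup.py for install-time hooks and calls typical of droppers. The trusted-name list, the similarity threshold, the indicator list and the sample setup.py texts are the editor's assumptions and constructed input, not details of the campaign.

```python
"""Pre-install vetting of a Python dependency (editor's added example).

Heuristics, not proof: a lookalike name or a risky call means "inspect by hand",
not "malicious". Trusted names, threshold and indicators are assumptions to tune.
"""
import ast
import difflib
import re

# PEP 503-normalised names of real Telegram bot libraries on PyPI (assumed trusted set).
TRUSTED_TELEGRAM_LIBS = {
    "python-telegram-bot", "telethon", "pyrogram", "aiogram", "pytelegrambotapi",
}
SIMILARITY_THRESHOLD = 0.8  # assumption; lower catches more lookalikes, with more noise

# Calls that rarely belong in setup.py and are typical of droppers and reverse shells.
RISKY_CALLS = {
    "exec", "eval", "os.system", "os.popen",
    "subprocess.Popen", "subprocess.run", "subprocess.call", "subprocess.check_output",
    "base64.b64decode", "marshal.loads", "zlib.decompress",
    "socket.socket", "urllib.request.urlopen", "ctypes.CDLL",
}
# setuptools command classes that, when subclassed, run code during `pip install`.
INSTALL_HOOK_BASES = {"install", "develop", "egg_info", "build_py"}


def normalize(name: str) -> str:
    """PEP 503 normalisation: case-insensitive, runs of '-', '_', '.' become one '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def lookalike(name: str):
    """Return the trusted library this name imitates, or None if trusted or unrelated."""
    norm = normalize(name)
    if norm in TRUSTED_TELEGRAM_LIBS:
        return None
    best, best_ratio = None, 0.0
    for trusted in TRUSTED_TELEGRAM_LIBS:
        ratio = difflib.SequenceMatcher(None, norm, trusted).ratio()
        if ratio > best_ratio:
            best, best_ratio = trusted, ratio
    return best if best_ratio >= SIMILARITY_THRESHOLD else None


def _dotted(node):
    """Render an `a.b.c` expression as the string 'a.b.c'; None for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None


def scan_setup_py(source: str):
    """Static scan of setup.py text without executing it; returns (lineno, description)."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.ClassDef):
            for base in node.bases:
                base_name = _dotted(base)
                if base_name and base_name.split(".")[-1] in INSTALL_HOOK_BASES:
                    findings.append((node.lineno, f"install-time hook: class {node.name} subclasses {base_name}"))
        elif isinstance(node, ast.Call):
            target = _dotted(node.func)
            if target in RISKY_CALLS:
                findings.append((node.lineno, f"risky call: {target}"))
    return sorted(findings)


def vet_package(name: str, setup_py_source: str) -> dict:
    """Combine both heuristics into one verdict for a candidate dependency."""
    imitates = lookalike(name)
    findings = scan_setup_py(setup_py_source)
    return {
        "name": name,
        "lookalike_of": imitates,
        "findings": findings,
        "verdict": "suspicious" if (imitates or findings) else "no indicators",
    }


def vet_requirements(text: str):
    """Flag requirements.txt lines whose package name imitates a trusted library."""
    flagged = []
    for line in text.splitlines():
        m = re.match(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)", line)  # name before any specifier
        if m and lookalike(m.group(1)):
            flagged.append((m.group(1), lookalike(m.group(1))))
    return flagged


# Constructed sample, not taken from the campaign: a setup.py whose post-install hook
# base64-decodes a command and hands it to a shell (the payload here is just "echo hi").
SUSPICIOUS_SETUP_PY = '''
import base64, subprocess
from setuptools import setup
from setuptools.command.install import install

class PostInstall(install):
    def run(self):
        install.run(self)
        subprocess.Popen(base64.b64decode("ZWNobyBoaQ=="), shell=True)

setup(name="python-telegrambot", version="1.0.0", cmdclass={"install": PostInstall})
'''
# Constructed benign sample for comparison.
BENIGN_SETUP_PY = '''
from setuptools import setup, find_packages
setup(name="bot-metrics-exporter", version="0.1.0", packages=find_packages())
'''

if __name__ == "__main__":
    print(vet_package("python-telegrambot", SUSPICIOUS_SETUP_PY))
    print(vet_package("bot-metrics-exporter", BENIGN_SETUP_PY))
    print(vet_requirements("python-telegram-bot==21.0\npython-telegrambot\n# pinned\naiogram>=3"))
```

Run it against the sdist you are about to install (`pip download --no-deps --no-binary :all: <name>`, then unpack and pass setup.py's text to `vet_package`); the scan parses the file with `ast` and never executes it, which matters because executing setup.py is exactly the step the attacker is counting on.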
Developers who install Telegram bot packages from PyPI without vetting them risk compromise of the servers that host their bots.