
Malware Hidden in Audio Files: The PyPI Attack

Hackers hid credential-stealing malware inside a WAV file on PyPI. Learn how supply chain attacks work and how to protect your business.

BASG 5 min read

A Ringtone That Steals Your Credentials

On March 27, 2026, hackers from a group called TeamPCP compromised the Telnyx Python SDK — a legitimate software package downloaded over 742,000 times — and published two poisoned versions to PyPI, the world’s largest Python package repository. The malicious code was hidden inside a file called ringtone.wav.

Not a ringtone. A credential stealer.

When a developer installed the compromised package, it silently downloaded what appeared to be an audio file from a remote server. That “audio file” contained encrypted malware that decoded itself in memory, harvested sensitive credentials, and sent them back to the attackers. The technique worked on Windows, Linux, and macOS.

The kicker? The malicious versions were published between 3:51 AM and 4:07 AM UTC — a 16-minute window — with no corresponding releases on GitHub. Anyone running pip install telnyx during that window got the backdoored version automatically. No warnings. No red flags. Just a routine package update that happened to be weaponized.

PyPI quarantined the package quickly, and Telnyx urged users to downgrade to version 4.87.0. But the damage window was open, and the broader lesson here goes far beyond one Python package.

Supply Chain Attacks Are Exploding — Here’s Why

A supply chain attack targets the tools and dependencies your software relies on rather than attacking your systems directly. Instead of breaking through your firewall, attackers poison something your team already trusts — a software library, a build tool, a browser extension, a managed service provider.

The numbers tell a stark story:

  • Software supply chain attacks more than doubled globally during 2025, with over 70% of organizations reporting at least one incident tied to third-party software
  • Malware on open-source platforms is up 73%, with attackers increasingly targeting developer tooling and AI development pipelines
  • The global cost is projected to hit $138 billion annually by 2031, up from $60 billion in 2025
  • Software dependencies, build pipelines, and container images now account for 75% of all observed supply chain attack entry points

This isn’t a niche problem. It’s the dominant force reshaping the threat landscape. Attackers have realized that compromising one upstream package gives them inherited access to hundreds — sometimes thousands — of downstream organizations. One poisoned update. Thousands of victims.

Why This Matters Even If You Don’t Write Code

You might be thinking: “We don’t use Python. We don’t have developers. This doesn’t apply to us.”

It absolutely does.

Every piece of software your business uses was built with dependencies. Your CRM, your accounting software, your email platform, your VoIP system — all of them rely on libraries, frameworks, and packages maintained by third parties. If any one of those components gets compromised upstream, the malware flows downstream to you through a routine software update.

Here’s what that looks like in practice:

  • Your team installs a software update — standard procedure, IT-approved
  • That update contains a compromised dependency — one layer deep, invisible to your team
  • Malware activates silently — harvesting credentials, exfiltrating data, or establishing a backdoor
  • You find out weeks later — usually when someone else discovers the breach

The Telnyx attack used steganography (hiding code inside an audio file) and in-memory execution (never writing malware to disk). These techniques are specifically designed to bypass traditional antivirus and endpoint detection tools that scan files on disk.

If your security strategy starts and ends with antivirus software, you have a gap.

How to Protect Your Business from Supply Chain Attacks

No single tool eliminates supply chain risk, but a layered approach significantly reduces your exposure. Here’s what we recommend to our clients at BASG:

1. Lock Down Your Software Dependencies

  • Pin package versions rather than auto-updating to the latest release
  • Use private package mirrors that vet updates before they reach your environment
  • Audit third-party software and maintain a software bill of materials (SBOM) so you know exactly what’s running in your stack
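The pinning and SBOM controls above can be checked mechanically. The script below is an added example (not BASG's or Telnyx's own tooling) that audits a pip requirements file for exact pins and --hash entries and flags any Telnyx pin newer than 4.87.0, the version the post says Telnyx told users to downgrade to; the sample file and the LAST_KNOWN_GOOD mapping are constructed assumptions.

```python
"""Audit a pip requirements file for exact pins, --hash lines, and vendor
downgrade guidance. Added example; the sample input is constructed."""
import re

# Constructed sample requirements file. "9.99.0" is not a real release; it
# only stands in for "a version newer than the vendor's safe version".
SAMPLE_REQUIREMENTS = (
    "requests==2.32.3 --hash=sha256:" + "0" * 64 + "\n"  # pinned and hashed: clean
    "telnyx\n"                                           # floating: whatever is newest
    "flask>=3.0\n"                                       # a range, not a pin
    "telnyx==9.99.0\n"                                   # pinned, no hash, newer than guidance
)

# Assumed advisory data: the last version the vendor said to use.
# Only telnyx/4.87.0 comes from the post; everything else is yours to fill in.
LAST_KNOWN_GOOD = {"telnyx": "4.87.0"}

LINE_RE = re.compile(r"^\s*([A-Za-z0-9_.-]+)\s*(==|>=|<=|~=|>|<)?\s*([0-9][0-9.]*)?")

def parse_version(v):
    """Numeric dotted versions only, enough for this comparison."""
    return tuple(int(p) for p in v.split("."))

def audit_requirements(text, last_known_good=LAST_KNOWN_GOOD):
    """Return (package, finding) tuples; an empty list means no findings."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):      # skip blanks and pip options
            continue
        m = LINE_RE.match(line)
        if not m:
            findings.append((line, "unparseable"))
            continue
        name, op, ver = m.group(1).lower(), m.group(2), m.group(3)
        if op != "==" or ver is None:
            findings.append((name, "not pinned to an exact version"))
            continue
        if "--hash=" not in line:
            findings.append((name, "pinned but no --hash (pip cannot verify artifact)"))
        good = last_known_good.get(name)
        if good and parse_version(ver) > parse_version(good):
            findings.append((name, f"{ver} is newer than vendor-recommended {good}; review"))
    return findings
```

Run it against the constructed file and the floating `telnyx`, the `flask>=3.0` range, and the unhashed newer Telnyx pin are each reported; the fully pinned and hashed `requests` line is not.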

2. Implement Zero Trust Principles

  • Verify, don’t assume. Even trusted software should operate with least-privilege access
  • Segment your network so a compromised application can’t move laterally across your environment
  • Monitor for anomalous behavior — credential access at 3 AM, unexpected outbound connections, processes spawning child processes they shouldn’t

3. Deploy Endpoint Detection and Response (EDR)

Traditional antivirus misses in-memory attacks like the Telnyx malware. A modern cybersecurity stack needs EDR tools that monitor process behavior, not just file signatures. If a Python package suddenly spawns a process that downloads a WAV file and decodes it in memory, your security tools should flag that immediately.
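The behaviour described here can be expressed as a correlation over endpoint telemetry. The following is an added example, not BASG's detection content or any EDR vendor's rule language: it walks constructed process events, marks every process descended from a package install, and alerts when one of them fetches an audio-looking file from a host that is not the package index. The event format, field names, hostnames and PIDs are assumptions; files.pythonhosted.org is pip's real default file host.

```python
"""Correlate package-install process trees with non-index downloads of
audio-looking files. Added example; telemetry schema is assumed."""
import json

# Constructed telemetry, one JSON event per line. "exec_mem" stands in for
# whatever your EDR emits when decoded bytes are executed without a file.
SAMPLE_EVENTS = "\n".join(json.dumps(e) for e in [
    {"pid": 410, "ppid": 1, "proc": "pip", "type": "process_start", "cmd": "pip install telnyx"},
    {"pid": 410, "proc": "pip", "type": "http_get", "host": "files.pythonhosted.org",
     "path": "/packages/telnyx-4.87.0.tar.gz"},
    {"pid": 412, "ppid": 410, "proc": "python", "type": "process_start", "cmd": "python setup.py install"},
    {"pid": 412, "proc": "python", "type": "http_get", "host": "cdn.example.invalid", "path": "/ringtone.wav"},
    {"pid": 412, "proc": "python", "type": "exec_mem", "detail": "decoded bytes passed to exec()"},
])

INDEX_HOSTS = {"pypi.org", "files.pythonhosted.org"}   # assumed allowlist
AUDIO_EXT = (".wav", ".mp3", ".ogg")
INSTALLERS = {"pip", "pip3", "python", "python3"}

def detect_install_fetch_chain(lines):
    """Return one alert per process in an install tree that fetches an
    audio-looking file from a non-index host; note any in-memory exec."""
    events = [json.loads(l) for l in lines.splitlines() if l.strip()]
    install_tree = set()
    for e in events:
        if e["type"] != "process_start":
            continue
        launched_install = e["proc"] in INSTALLERS and "install" in e.get("cmd", "")
        if launched_install or e.get("ppid") in install_tree:   # events are time-ordered
            install_tree.add(e["pid"])
    alerts = []
    for e in events:
        if e["pid"] not in install_tree or e["type"] != "http_get":
            continue
        if e["host"] in INDEX_HOSTS or not e["path"].lower().endswith(AUDIO_EXT):
            continue
        mem = any(x["pid"] == e["pid"] and x["type"] == "exec_mem" for x in events)
        alerts.append({"pid": e["pid"], "host": e["host"], "path": e["path"], "in_memory_exec": mem})
    return alerts
```

The legitimate sdist download from the index host produces nothing; the child process fetching ringtone.wav from an outside host produces one alert, with the in-memory execution flagged on it.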

4. Establish a Vendor Risk Management Program

  • Evaluate the security posture of your software vendors before onboarding them
  • Require vendors to demonstrate secure development practices — code signing, MFA on publishing accounts, vulnerability disclosure programs
  • Have a response plan for when a vendor discloses a compromise. Can your team identify affected systems within one hour? Most organizations can’t

5. Keep Humans in the Loop

Train your team to question unexpected updates, report unusual system behavior, and understand that “trusted software” is only as secure as its weakest upstream dependency. A strong security culture is your best defense against threats that technology alone can’t catch.

The Telnyx attack was caught quickly. Many supply chain compromises aren’t. TeamPCP — the group behind this attack — has hit multiple packages across PyPI using the same techniques, and they’re far from the only group operating in this space.

The uncomfortable truth is that most businesses have no visibility into their software supply chain. They don’t know what dependencies their tools rely on, they don’t monitor for compromised updates, and they don’t have a plan for when — not if — a trusted vendor gets breached.

That’s where having a proactive IT and security partner makes the difference. At BASG, we help businesses build layered defenses that account for exactly these kinds of threats — from managed IT services that keep your environment patched and monitored, to cybersecurity programs that detect the attacks your antivirus won’t, to IT consulting that helps you evaluate vendor risk before it becomes your problem.

Want to know where your supply chain blind spots are? Reach out to our team for a security assessment. We’ll help you see what you’re missing before an attacker finds it first.
