{
  "Event": {
    "analysis": "1",
    "date": "2026-03-24",
    "extends_uuid": "",
    "info": "[Threat Intel] Supply Chain Attack: Malicious PyPI Packages",
    "protected": false,
    "publish_timestamp": "1775507900",
    "published": true,
    "threat_level_id": "2",
    "timestamp": "1775507900",
    "uuid": "02da8ea6-8c0c-4353-beb3-1f468fa47edf",
    "Orgc": {
      "name": "Rectifyq",
      "uuid": "cd9bd516-61fa-476b-980f-2f8de03992d4"
    },
    "Tag": [
      {
        "colour": "#52774b",
        "local": false,
        "name": "misp-galaxy:producer=\"Wiz Blog\"",
        "relationship_type": ""
      },
      {
        "colour": "#ffffff",
        "local": false,
        "name": "tlp:clear",
        "relationship_type": ""
      },
      {
        "colour": "#004646",
        "local": false,
        "name": "type:OSINT",
        "relationship_type": ""
      },
      {
        "colour": "#b94b1d",
        "local": false,
        "name": "rectifyq:mitre-att&ck=\"from-original-src\"",
        "relationship_type": ""
      },
      {
        "colour": "#b94b1d",
        "local": false,
        "name": "rectifyq:mitre-att&ck=\"none-from-src\"",
        "relationship_type": ""
      },
      {
        "colour": "#b94b1d",
        "local": false,
        "name": "rectifyq:mitre-att&ck=\"from-OTX\"",
        "relationship_type": ""
      },
      {
        "colour": "#bb2745",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Standard Encoding - T1132.001\"",
        "relationship_type": ""
      },
      {
        "colour": "#201172",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Compromise Software Dependencies and Development Tools - T1195.001\"",
        "relationship_type": ""
      },
      {
        "colour": "#e8825f",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Supply Chain Compromise - T1195\"",
        "relationship_type": ""
      },
      {
        "colour": "#f4a1a7",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Code Signing Policy Modification - T1553.006\"",
        "relationship_type": ""
      },
      {
        "colour": "#2e368d",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Path Interception by Search Order Hijacking - T1574.008\"",
        "relationship_type": ""
      },
      {
        "colour": "#fe1ef0",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Web Shell - T1505.003\"",
        "relationship_type": ""
      },
      {
        "colour": "#aa1f95",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Data Staged - T1074\"",
        "relationship_type": ""
      },
      {
        "colour": "#a9f8b1",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Exfiltration Over C2 Channel - T1041\"",
        "relationship_type": ""
      },
      {
        "colour": "#59699c",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Valid Accounts - T1078\"",
        "relationship_type": ""
      },
      {
        "colour": "#7d37d8",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Python - T1059.006\"",
        "relationship_type": ""
      },
      {
        "colour": "#92e858",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Web Protocols - T1071.001\"",
        "relationship_type": ""
      },
      {
        "colour": "#4c0fbb",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Ingress Tool Transfer - T1105\"",
        "relationship_type": ""
      },
      {
        "colour": "#49a260",
        "local": false,
        "name": "rectifyq:category=\"threat\"",
        "relationship_type": ""
      },
      {
        "colour": "#120044",
        "local": false,
        "name": "rectifyq:sub-category=\"intrusion-analysis\"",
        "relationship_type": ""
      },
      {
        "colour": "#18005e",
        "local": false,
        "name": "rectifyq:topic=\"supply-chain\"",
        "relationship_type": ""
      },
      {
        "colour": "#1b0068",
        "local": false,
        "name": "rectifyq:topic=\"cloud\"",
        "relationship_type": ""
      },
      {
        "colour": "#ffd12e",
        "local": false,
        "name": "rectifyq:target=\"broad-based\"",
        "relationship_type": ""
      },
      {
        "colour": "#55acee",
        "local": false,
        "name": "rectifyq:MY-relevancy=\"potentially-relevant\"",
        "relationship_type": ""
      },
      {
        "colour": "#18005c",
        "local": false,
        "name": "rectifyq:topic=\"ai\"",
        "relationship_type": ""
      },
      {
        "colour": "#626567",
        "local": false,
        "name": "rectifyq:no-samples-in=\"MalwareBazaar\"",
        "relationship_type": ""
      },
      {
        "colour": "#626567",
        "local": false,
        "name": "rectifyq:no-samples-in=\"Tria.ge\"",
        "relationship_type": ""
      },
      {
        "colour": "#3800d9",
        "local": false,
        "name": "rectifyq:action-taken=\"VT-comment\"",
        "relationship_type": ""
      },
      {
        "colour": "#3d00e9",
        "local": false,
        "name": "rectifyq:action-taken=\"telegram\"",
        "relationship_type": ""
      }
    ],
    "Attribute": [
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1774494018",
        "to_ids": false,
        "type": "link",
        "uuid": "bb000035-67a9-40ce-9114-c65af4029ab1",
        "value": "https://www.wiz.io/blog/threes-a-crowd-teampcp-trojanizes-litellm-in-continuation-of-campaign"
      },
      {
        "category": "Other",
        "comment": "Description",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1774494018",
        "to_ids": false,
        "type": "text",
        "uuid": "cd61b52c-b39b-45d7-9a7a-cb132ef9a258",
        "value": "TeamPCP has launched a supply chain attack targeting LiteLLM, an open-source Python library used in 36% of cloud environments. Malicious versions 1.82.7 and 1.82.8 were published on PyPI and employ sophisticated techniques for payload delivery and persistence. The compromised packages abuse Python's .pth mechanism to execute stealthily in any Python process. The malware collects sensitive data, including API keys, cloud credentials, and CI/CD secrets, then encrypts and exfiltrates it to attacker-controlled domains. This attack follows TeamPCP's previous compromises of Aqua Security's Trivy and Checkmarx tools, highlighting an ongoing campaign against the open-source ecosystem. The incident underscores the potential for widespread impact and the need for vigilance in software supply chain security."
      },
      {
        "category": "Other",
        "comment": "Summary",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1774494018",
        "to_ids": false,
        "type": "text",
        "uuid": "25a223a9-527f-4df9-81f0-81fab439fd81",
        "value": "Name: Supply Chain Attack: Malicious PyPI Packages\nAuthor: AlienVault\nAdversary: TeamPCP\nTags: [\"cloud security\", \"supply chain attack\", \"pypi\", \"litellm\"]\nTgtd countries: []\nMlwr families: []\nAttack_ids: [\"T1132.001\", \"T1195.001\", \"T1195\", \"T1553.006\", \"T1574.008\", \"T1505.003\", \"T1074\", \"T1041\", \"T1078\", \"T1059.006\", \"T1071.001\", \"T1105\"]\nIndustries: []"
      },
      {
        "category": "Attribution",
        "comment": "Adversary",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1774494018",
        "to_ids": false,
        "type": "threat-actor",
        "uuid": "f471429a-097e-493a-8adb-e101c507bb56",
        "value": "TeamPCP"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1775494189",
        "to_ids": true,
        "type": "url",
        "uuid": "bb7806f2-a30c-414e-b564-20ec141ebadf",
        "value": "http://checkmarx.zone/raw",
        "Tag": [
          {
            "colour": "#342294",
            "local": false,
            "name": "CommentAdded",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1775494210",
        "to_ids": true,
        "type": "domain",
        "uuid": "848ecaa2-c994-47cf-8e83-816f8450920f",
        "value": "checkmarx.zone",
        "Tag": [
          {
            "colour": "#342294",
            "local": false,
            "name": "CommentAdded",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1775494231",
        "to_ids": true,
        "type": "hostname",
        "uuid": "d92d84d7-744b-4ca7-b440-fd9f6a906b63",
        "value": "models.litellm.cloud",
        "Tag": [
          {
            "colour": "#342294",
            "local": false,
            "name": "CommentAdded",
            "relationship_type": ""
          }
        ]
      }
    ]
  }
}