Malicious PyPI Packages Give Hackers Control of Telegram Bot Servers
A sophisticated campaign has been targeting Python developers building Telegram bots, compromising nearly 350,000 servers and giving hackers control over sensitive data. The threat actor, dubbed “Operation Navy Ghost” by researchers at Checkmarx, published trojanized Pyrogram forks on the Python Package Index (PyPI), allowing them to read arbitrary files, dump secrets, and access victims’ Telegram chats.
The malicious packages were published between November 2025 and June 2026 and involve at least eight packages. These packages, including VLifeGram, VLife-Gram, pyrogram-navy, and others, have been downloaded over 20,000 times from PyPI. The threat actor added a hidden backdoor file called secret.py to the helpers module of these packages; it registers Telegram command handlers when an infected bot launches.
When the attacker sends specific commands to the victim’s bot via Telegram, such as /asu print(os.environ) or /asi cat /etc/passwd, the backdoor executes them and returns the output to the attacker. This gives hackers access to sensitive data, including environment variables, session information, chats, contacts, and even the server’s file system.
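The indicators described above (the package names, a secret.py dropped into a helpers module, and handlers for the /asu and /asi commands) can be checked for locally. The following scanner is an added example written for this article, not Checkmarx's or PyPI's tooling; it assumes the backdoor registers its handlers through Pyrogram's filters.command("asu") / filters.command("asi") form, and only three of the eight distribution names are known from the report.

```python
"""Scan a site-packages directory for Operation Navy Ghost indicators."""
import re
import sys
import tempfile
from pathlib import Path

# Distribution names taken from the report; the remaining packages are not named there.
KNOWN_BAD_DISTS = {"vlifegram", "vlife-gram", "pyrogram-navy"}
# Assumption: the backdoor registers handlers via filters.command("asu") / ("asi").
CMD_PATTERN = re.compile(r"""command\(\s*["'](asu|asi)["']""")


def norm(name: str) -> str:
    """Normalize a distribution name the way pip does (PEP 503)."""
    return re.sub(r"[-_.]+", "-", name).lower()


def scan_site_packages(site_packages: Path) -> list[str]:
    """Return one finding per indicator hit under site_packages."""
    findings = []
    # 1. Known malicious distributions, identified by their *.dist-info directories.
    for info in site_packages.glob("*.dist-info"):
        if norm(info.name.split("-")[0]) in KNOWN_BAD_DISTS:
            findings.append(f"known malicious distribution: {info.name}")
    # 2. The backdoor file dropped into a package's helpers module.
    for secret in site_packages.glob("*/helpers/secret.py"):
        findings.append(f"helpers/secret.py present: {secret.relative_to(site_packages)}")
    # 3. Source that registers handlers for the backdoor command names.
    for py in site_packages.rglob("*.py"):
        if CMD_PATTERN.search(py.read_text(errors="ignore")):
            findings.append(f"handler for /asu or /asi in {py.relative_to(site_packages)}")
    return findings


def demo() -> list[str]:
    """Scan a constructed site-packages tree that mimics an infected install."""
    root = Path(tempfile.mkdtemp())
    (root / "VLife_Gram-1.0.dist-info").mkdir()  # pip writes VLife-Gram as VLife_Gram
    (root / "pyrogram" / "helpers").mkdir(parents=True)
    (root / "pyrogram" / "helpers" / "secret.py").write_text(
        '@app.on_message(filters.command("asu"))\n')  # constructed; pattern only
    (root / "clean-2.0.dist-info").mkdir()  # benign package, must not be flagged
    return scan_site_packages(root)


if __name__ == "__main__":
    # Pass a real site-packages path to scan it; with no argument, run the demo tree.
    target = Path(sys.argv[1]) if len(sys.argv) > 1 else None
    for line in (scan_site_packages(target) if target else demo()):
        print(line)
```

A hit on any of the three checks warrants the response in this article: remove the package, rotate credentials on the host, and revoke the bot token.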
The campaign specifically targets Telegram bot accounts, which typically run in production environments, indicating that the attacker seeks “access to databases, credentials, cloud APIs, and sensitive infrastructure.” Once compromised, the threat actor can read any file on the server, dump secrets, access the victim’s Telegram chats, download the database, and install a persistent backdoor.
Checkmarx researchers attribute the campaign to a single threat actor based on shared indicators of compromise, including the same OWNERS list across various packages, identical backdoor code, command names, and overlapping infrastructure. The conclusion is that this is an organized effort to compromise Telegram bot servers, rather than individual malicious activity.
Developers who may have installed these packages should remove them immediately and take steps to secure their environment. This includes rotating all credentials on the affected server, revoking their Telegram bot tokens, and conducting a thorough review of their security posture.
This incident highlights the importance of code integrity and validation in software development. Developers must be vigilant when using third-party libraries and dependencies, ensuring that they are up to date and free from malicious modifications.
In light of this campaign, it’s crucial for organizations to prioritize code security testing and review their dependency management practices. By doing so, they can reduce the risk of similar attacks in the future.
Source: Bleeping Computer — 2026-06-30