Key Points: Eight manipulated Pyrogram packages on PyPI allow attackers to execute Python code and shell commands on production Telegram bot servers and exfiltrate credentials and database connections.
Since November 2025, Checkmarx has documented a campaign called Operation Navy Ghost, in which attackers use eight counterfeit Pyrogram variants on the Python Package Index (PyPI) to achieve more than 25,000 downloads, thereby leading Python developers to install backdoors.
The affected packages are named VLifeGram, VLife-Gram, pyrogram-navy, pyrogram-styled, pyrogram-zeeb, kelragram, sepgram, and pyrogram-kelra. They were distributed via multiple PyPI accounts, but can be attributed to a single actor through identical infrastructure and code patterns. Pyrogram is a Python framework for Telegram bots that has not received official updates since April 2023 but continues to record high download numbers.
The manipulated packages contain the original source code but were extended with a file named secret.py. This registers covert Telegram command handlers when the bot starts. This allows attackers to inject Python code and system commands on the victim’s server via specific chat commands. The /asu command executes Python code, and the /asi command invokes shell commands via /bin/bash. The commands run with the permissions of the bot application, allowing access to all resources that the infected script can access.
The malware actively suppresses error messages and logging and only activates on genuine Telegram bot accounts, typically in production environments. This gives attackers access to backend databases, cloud APIs, and server credentials. Exfiltrated data is transmitted as Telegram messages or document attachments to the attacker infrastructure, with a whitelist of Telegram IDs ensuring that only the campaign operators can control the infected systems.
For affected developers, immediate action is required: uninstall the suspicious packages, revoke API tokens, and change all credentials on affected servers. PyPI should be checked to verify whether the packages are still available.
Source: www.it-daily.net · Published 5 July 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.3.