← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
TeamPCP Injects Two-Stage Credential Stealer into xinference PyPI Package
WHITE PetrP.73 2026-04-30 Modified: 2026-04-30
15
IOCs
MEDIUM VOLUME
On April 22, 2026, versions 2.6.0, 2.6.1, and 2.6.2 of the xinference open-source package on PyPI were found to include a two-stage credential-stealing payload. This payload is embedded in the xinference/__init__.py file, which automatically executes upon the import of the package. Once triggered, it decodes a second-stage collector that captures sensitive information including SSH keys, cloud credentials, environment variables, and cryptocurrency wallet details. This data is subsequently exfiltrated as a tar.gz file named love.tar.gz to the command and control (C2) server at http://whereisitat.lucyatemysuperbox.space using a curl POST request. The integrity of these compromised versions was compromised enough to prompt their immediate removal from PyPI.
hardenrunnerpostteampcppypipythonstepsecuritymarchpayloadthecli invocationservice startupinstallaprilbitcoin
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (15)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 3ee893ae46530b92e0d26435fb979d82 MD5 of f677cd06e0dfbd23b6feb47f31d49cb8fcc88ed0487d30143d36d4f54261e3de 2026-04-30
FileHash-MD5 c6ce4e25f7fe3e3bb1eea2e9052483bf MD5 of 96007d4ee4171e383cecdf7a34b606bfcb78eff435182dc86daa49a17153dcd3 2026-04-30
FileHash-MD5 e291734d46c313a23d676681499f8846 MD5 of 4c5c589f543b1a02251451ab3baaeed7c82851de10fa33f87b95a85e3040c92e 2026-04-30
FileHash-SHA1 11df25f623507d1d6592a8eec86a4972c2ea9ce8 SHA1 of 4c5c589f543b1a02251451ab3baaeed7c82851de10fa33f87b95a85e3040c92e 2026-04-30
FileHash-SHA1 63f025e8714b9390eae4ecc6c51a049bae6fb736 SHA1 of 96007d4ee4171e383cecdf7a34b606bfcb78eff435182dc86daa49a17153dcd3 2026-04-30
FileHash-SHA1 dc736a8a7f09b3da5d2e79aad151cf17f168e579 SHA1 of f677cd06e0dfbd23b6feb47f31d49cb8fcc88ed0487d30143d36d4f54261e3de 2026-04-30
FileHash-SHA256 4c5c589f543b1a02251451ab3baaeed7c82851de10fa33f87b95a85e3040c92e 2026-04-30
FileHash-SHA256 96007d4ee4171e383cecdf7a34b606bfcb78eff435182dc86daa49a17153dcd3 2026-04-30
FileHash-SHA256 f677cd06e0dfbd23b6feb47f31d49cb8fcc88ed0487d30143d36d4f54261e3de 2026-04-30
URL http://ghcr.io/elementary-data/elementary 2026-04-30
URL https://whereisitat.lucyatemysuperbox.space/ 2026-04-30
domain ghcr.io 2026-04-30
domain subprocess.run 2026-04-30
hostname audit.checkmarx.cx 2026-04-30
hostname whereisitat.lucyatemysuperbox.space 2026-04-30
References (1)
↗ https://www.stepsecurity.io/blog/teampcp-injects-two-stage-credential-stealer-into-xinference-pypi-package