Malware - Malicious ‘Pyronut’ Package Backdoors Telegram Bots
Basically, a fake software package tricked developers and allowed hackers to control their Telegram bots.
A new malicious package named pyronut has been found on PyPI, targeting Telegram bot developers. This package can backdoor bots, allowing hackers to execute remote commands. Developers must act quickly to secure their systems and data.
What Happened
A malicious Python package called pyronut was discovered on the Python Package Index (PyPI). This package specifically targets developers who create Telegram bots by mimicking the popular pyrogram framework. Instead of using typical typosquatting tactics, the threat actor copied the entire project description of pyrogram, creating a malicious fork. This strategy is designed to deceive developers into downloading the harmful package, which has already gained significant traction with around 370,000 downloads per month.
Researchers from Endor Labs identified three malicious versions of pyronut—2.0.184, 2.0.185, and 2.0.186—shortly after their release on March 18, 2026. They acted quickly to quarantine these versions, effectively minimizing the potential damage. However, any developer who installed these versions during that brief window was at risk of a severe compromise.
Who's Being Targeted
The primary targets of this attack are developers working with the pyrogram framework to build Telegram bots. By impersonating a trusted library, the malicious package exploits the trust developers place in established tools. This type of attack is particularly dangerous because it can spread rapidly within developer communities, especially those active on Telegram and various forums.
The ease of access to the malicious package, combined with its clever disguise, makes it a high-value target for attackers. Developers who unknowingly installed pyronut may find their bots compromised, leading to potential data theft or unauthorized access to sensitive information.
Signs of Infection
Once installed, pyronut remains dormant until a developer runs their bot. It activates when the Client.start() method is called, which is a standard initialization step for any pyrogram-based bot. The backdoor is cleverly hidden within a module, allowing it to bypass normal security checks.
The backdoor establishes two hidden message handlers in the victim's Telegram client. One handler executes arbitrary Python code, while the other allows the attacker to run shell commands directly on the victim's machine. This means that the attacker can manipulate the bot and access sensitive data without raising any alarms, making it extremely difficult to detect through traditional security measures.
How to Protect Yourself
Developers who may have installed the pyronut package should take immediate action. First, uninstall the package and rebuild any affected virtual environments from a clean state. It's crucial to treat all environment variables, API keys, and sensitive credentials as compromised and rotate them immediately.
Additionally, developers should terminate active Telegram sessions and revoke any Bot API tokens associated with the compromised bots. Regularly reviewing dependency files like requirements.txt and using lockfiles with cryptographic hash pinning can help prevent similar attacks in the future. Finally, integrating Software Composition Analysis tools into CI/CD pipelines will significantly reduce exposure to such supply chain attacks.