MAL-2026-3248
Malicious code in pwn-control (PyPI)
Details
--- _-= Per source details. Do not edit below this line.=-_
## Source: kam193 (719b4c85917a0a8bc84e7591598b0d17098dd32c8f29b5c09eb25fe1d3e079c3) During installation, the code runs code to silently control the device via Telegram bot (execute commands, exfiltrate files).
---
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-05-system-update-tool
Reasons (based on the campaign):
- rat
- The package contains code to execute remote commands (probably limited to a specific set) on the victim's machine.
- files-exfiltration
- peristence-autorun
- persistence
- impersonation
Are you affected?
Enter the version of the package you're using.
Affected packages
No fixed version published yet for pwn-control (pip). Pin to a known-safe version or switch to an alternative.