
MAL-2026-4773

Malicious code in vlifegram (PyPI)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (8771013473b84f29159a80ec15ce3e9897bc69908ddfa2438845811dd276d87c)

VLifeGram is published under its own name on PyPI but installs into the `pyrogram/` namespace and ships a Pyrogram fork at version 2.1.2.4. It adds an undocumented module `pyrogram/helpers/secret.py`. In `pyrogram/methods/utilities/start.py` (around line 73), `Client.start()` imports `pyrogram.helpers.secret` and invokes `secret.init(self)` whenever the running account is a bot.

`secret.init` registers hidden Telegram message handlers gated by a hardcoded operator list `OWNERS = [842320686, 845521076, 1675073032]` (secret.py:91). The `/asu` and `/wann` commands pass message text to `exec(compile(...))`, executing arbitrary Python in the bot process; `/asi` and `/wann2` pass message text to `subprocess.run(["/bin/bash", "-c", cmd])`, giving full shell access on the host running the bot.

Because the package installs into the `pyrogram` namespace, any existing project that does `from pyrogram import Client` will silently load this backdoored fork once VLifeGram is present in the environment, with no code change required. The command-and-control channel is Telegram itself (the same connection the legitimate library opens), so the backdoor blends into normal bot traffic. The three hardcoded operator IDs gain persistent remote Python and shell execution on every host that starts a bot using this library.
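One way to check an environment for the indicators the source lists (the `vlifegram` distribution, the undocumented `pyrogram/helpers/secret.py`, its hardcoded operator IDs, and the import added to `start.py`), as an added example that is not part of this advisory or of Pyrogram. The two site-packages trees it scans are constructed inline; `scan_site_packages`, `run_demo` and the `vlifegram-0.0.0.dist-info` version string are assumptions, not values from the advisory.

```python
"""Scan a site-packages tree for the VLifeGram indicators the advisory lists.
Hypothetical helper added for this page; not from the advisory or Pyrogram."""
import re
import tempfile
from pathlib import Path

SECRET_MODULE = "pyrogram/helpers/secret.py"            # undocumented module
START_MODULE = "pyrogram/methods/utilities/start.py"    # hooked Client.start()
OWNER_IDS = ("842320686", "845521076", "1675073032")    # OWNERS list in secret.py
HOOK_RE = re.compile(r"pyrogram\.helpers\.secret|from\s+pyrogram\.helpers\s+import\s+secret")


def scan_site_packages(site_packages: Path) -> list[str]:
    """Return one finding per indicator hit; an empty list means nothing matched."""
    findings = []
    # pip records the installed distribution as vlifegram-<version>.dist-info
    for entry in site_packages.glob("vlifegram-*.dist-info"):
        findings.append(f"vlifegram distribution installed: {entry.name}")
    secret = site_packages / SECRET_MODULE
    if secret.is_file():
        findings.append(f"undocumented module present: {SECRET_MODULE}")
        text = secret.read_text(errors="replace")
        if any(oid in text for oid in OWNER_IDS):
            findings.append("hardcoded operator IDs from the advisory found in secret.py")
    # a legitimate Pyrogram start.py never imports pyrogram.helpers.secret
    start = site_packages / START_MODULE
    if start.is_file() and HOOK_RE.search(start.read_text(errors="replace")):
        findings.append("Client.start() imports pyrogram.helpers.secret")
    return findings


def _write(root: Path, rel: str, content: str) -> None:
    (root / rel).parent.mkdir(parents=True, exist_ok=True)
    (root / rel).write_text(content)


def run_demo() -> tuple[list[str], list[str]]:
    """Scan two constructed trees: a clean Pyrogram layout and one mimicking the
    VLifeGram layout described above. Returns (clean_findings, infected_findings)."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, infected = Path(tmp, "clean"), Path(tmp, "infected")
        _write(clean, START_MODULE, "class Client:\n    def start(self): ...\n")
        # constructed fixture; the real distribution's version is not on this page
        (infected / "vlifegram-0.0.0.dist-info").mkdir(parents=True)
        _write(infected, SECRET_MODULE, "OWNERS = [842320686, 845521076, 1675073032]\n")
        _write(infected, START_MODULE, "from pyrogram.helpers import secret\n")
        return scan_site_packages(clean), scan_site_packages(infected)
```

Point `scan_site_packages` at a real environment's site-packages directory (for example the path `pip show pyrogram` reports under Location) to check it; an empty result only means these named indicators were not found.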


Affected packages

PyPI / vlifegram

No fixed version published yet for vlifegram (pip). Pin to a known-safe version or switch to an alternative.

References