—

MAL-2026-6560

Malicious code in tdata-grabber (PyPI)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: kam193 (6aa5184e991d29d6a751e13971ce2ce6a1cec834f675a1c3dd5eb0fc2ec75762) Package exfiltrates data from the Telegram application to a remote location, effectively collecting Telegram sessions.

---

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-06-telegramlite

Reasons (based on the campaign):

- target:telegram

- files-exfiltration

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / tdata-grabber

No fixed version published yet for tdata-grabber (pip). Pin to a known-safe version or switch to an alternative.

References

https://bad-packages.kam193.eu/pypi/package/tdata-grabber [WEB]