indicatorurl
hxxp://83[.]142[.]209[.]203:8080/hangup.wav
- First seen
- 2026-05-13
- Last seen
- 2026-05-13
- Sightings
- 2
Posts referencing this indicator
- TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Endpoint serving the Windows second-stage payload (PE binary embedded in WAV audio frames).
- TeamPCP’s Telnyx Attack Marks a Shift in Tactics Beyond LiteLLM
URL hosting the Windows payload hidden via WAV steganography.