litellm
litellm is identified in the SafeDep analysis "Malicious litellm 1.82.8: Credential Theft and Persistent Backdoor". >-
discovered 2026-03-24
Threat types
credential_stealerdata_exfiltrationratpersistence
Malicious versions
- 1.82.8
Campaigns
Indicators
Techniques
- ttpT1195.001 Supply Chain Compromise: Compromise Software Dependencies and Development Toolsuses
- ttpT1059.006 Command and Scripting Interpreter: Pythonuses
- ttpT1552.001 Unsecured Credentials: Credentials In Filesuses
- ttpT1041 Exfiltration Over C2 Channeluses
- ttpT1105 Ingress Tool Transferuses
- ttpT1071.001 Application Layer Protocol: Web Protocolsuses
- ttpT1546 Event Triggered Executionuses
- ttpT1027 Obfuscated Files or Informationuses
