models.litellm.cloud

Risk level: High Risk. Rank: Unranked.

This domain is a confirmed malicious endpoint used in a supply chain attack against the litellm Python library. It facilitates the exfiltration of stolen credentials and sensitive system data from compromised environments.


🚨 CRITICAL: Malicious Exfiltration Endpoint (Supply Chain Attack)

Risk Category: DANGER – CONFIRMED MALICIOUS / DATA EXFILTRATION

URLert.com has classified litellm.cloud as a high-risk malicious domain. This domain is currently serving as the primary command-and-control (C2) and data exfiltration endpoint for a confirmed supply chain attack targeting the popular Python library litellm. On March 24, 2026, compromised versions of the library (1.82.7 and 1.82.8) were published to PyPI, containing a malicious .pth file that executes automatically upon Python startup.

Specific Findings & Risks:

  • Confirmed Data Theft: The domain is used to receive encrypted archives containing stolen SSH private keys, AWS/GCP/Azure credentials, Kubernetes configurations, and .env files harvested from infected machines.
  • Supply Chain Compromise: This domain is not part of the legitimate litellm infrastructure. It was registered only 1 day ago (March 24, 2026) specifically to facilitate this attack.
  • Lateral Movement: The malware associated with this domain attempts to spread through Kubernetes clusters by creating privileged pods and installing persistent backdoors (sysmon.py).
  • High-Risk Infrastructure: Hosted via Ghosty Networks LLC, the domain uses a .cloud TLD and currently fails to resolve to any legitimate public-facing content, consistent with a dedicated malware backend.

IMMEDIATE ACTION REQUIRED: Block all traffic to *.litellm.cloud at the firewall or DNS level. If you have installed or updated litellm on or after March 24, 2026, audit your environment for versions 1.82.7 or 1.82.8. You must assume all credentials on affected systems (SSH, Cloud APIs, Database passwords) are compromised and rotate them immediately. Check for persistence markers at ~/.config/sysmon/sysmon.py.
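As an added defender-side example (not code from URLert or the litellm project), the following Python script performs the audit steps the advisory asks for on the local host: it checks the installed litellm version against the two compromised releases, lists every site-packages .pth file that carries a line Python's site.py will exec() at interpreter startup (the auto-run hook the advisory describes), and checks for the ~/.config/sysmon/sysmon.py persistence marker. The .pth parsing mirrors site.addpackage(): comment and blank lines are skipped, lines beginning with "import " or a tab are executed, and everything else is a path entry; legitimate packages also ship such lines, so they are reported for review rather than declared malicious.

```python
import importlib.metadata
import site
from pathlib import Path
from typing import Dict, List, Optional

AFFECTED_VERSIONS = {"1.82.7", "1.82.8"}                  # releases named in the advisory
PERSISTENCE_MARKER = Path(".config/sysmon/sysmon.py")     # marker named in the advisory, relative to $HOME


def is_affected_version(version: str) -> bool:
    """True if this litellm version string is one of the compromised releases."""
    return version.strip() in AFFECTED_VERSIONS


def executable_pth_lines(pth_text: str) -> List[str]:
    """Return the lines of a .pth file that site.py exec()s at startup.

    Mirrors site.addpackage(): comments and blank lines are skipped, a line that
    starts with "import " or "import<TAB>" is executed, anything else is a path."""
    hits = []
    for line in pth_text.splitlines():
        if line.startswith("#") or not line.strip():
            continue
        if line.startswith(("import ", "import\t")):
            hits.append(line.rstrip())
    return hits


def installed_litellm_version() -> Optional[str]:
    """Version of litellm visible to this interpreter, or None if not installed."""
    try:
        return importlib.metadata.version("litellm")
    except importlib.metadata.PackageNotFoundError:
        return None


def audit(home: Path = Path("~")) -> Dict[str, object]:
    """Run all three checks; `home` is overridable so the marker check can be pointed elsewhere."""
    version = installed_litellm_version()
    # getsitepackages() is absent in some older virtualenvs, so fall back to an empty list
    dirs = list(getattr(site, "getsitepackages", lambda: [])()) + [site.getusersitepackages()]
    pth_findings: Dict[str, List[str]] = {}
    for d in dirs:
        for pth in Path(d).glob("*.pth"):          # glob on a missing directory yields nothing
            lines = executable_pth_lines(pth.read_text(errors="replace"))
            if lines:
                pth_findings[str(pth)] = lines
    marker = (home.expanduser() / PERSISTENCE_MARKER).is_file()
    return {"litellm_version": version, "affected": version is not None and is_affected_version(version),
            "pth_findings": pth_findings, "persistence_marker": marker}


if __name__ == "__main__":
    for key, value in audit().items():
        print(f"{key}: {value}")
```

Run it with each interpreter and virtual environment on the host, since every one has its own site-packages and therefore its own set of .pth files.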

Tags: Potentially Malicious, malware, data exfiltration, supply chain attack, credential theft

Community Intelligence: Safe 0%, Suspicious 0%, Dangerous 100% (1 vote)

Developer API

Access this classification data programmatically via our API.

GET /api/v1/classify?domain=models.litellm.cloud
{
  "domain": "litellm.cloud",
  "confidence": "high",
  "category": {
    "purpose": "potentially_malicious",
    "specialization": "Data Exfiltration Endpoint"
  },
  "identity": {
    "headline": "Malicious domain used for data exfiltration and C2",
    "summary": "This domain is a confirmed malicious endpoint used in a supply chain attack against the litellm Python library. It facilitates the exfiltration of stolen credentials and sensitive system data from compromised environments.",
    "operator": null,
    "parent_entity": null,
    "topics": [
      "malware",
      "data exfiltration",
      "supply chain attack",
      "credential theft"
    ]
  },
  "functions": {
    "is_ugc_platform": false,
    "is_file_host": false,
    "is_url_shortener": false,
    "is_public_idp": false,
    "is_crypto_platform": false,
    "allows_user_subdomains": false,
    "is_form_builder": false,
    "is_document_host": false
  },
  "facts": {
    "registered_date": "2026-03-23T16:32:04.762000Z",
    "rank": null,
    "hosting_provider": "GHOSTYNETWORKS Ghosty Networks LLC"
  }
}