During an investigation conducted recently, it was discovered that several malicious packages masquerading as services for recovering cryptocurrency wallets were found in the Python Package Index repository, revealing that they were spying on sensitive personal information and helping to steal cryptocurrency.
A Checkmarx researcher described the attack as targeting Atomic, Trust Wallet, Metamask, Ronin, TronLink, Exodus, and many other prominent wallets within the crypto ecosystem in a report released on Tuesday.
It was found that the packages presented themselves as tools that could extract mnemonic phrases and decrypt wallet data, suggesting that they could provide value to cryptocurrency users who are looking to recover or manage wallets”
As long as cryptocurrencies remain a prime target for cybercriminals, they will continue to thrive in the ecosystem.
The recent discovery of malicious packages located on the Python Package Index (PyPI) repository in the Python distribution has led to several tools that masquerade as tools that can help recover and manage crypto wallets. It is a fake tool that is used to steal sensitive information from users and facilitate the theft of valuable digital assets, among other things.
According to Checkmarx researchers, there have been several malicious Python packages found on PyPI that attack users of leading cryptocurrency wallets like Atomi
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: