Home
News
Details

Over 34 malicious packages target crypto and AI developers in supply chain attack

iconChaincatcher
Share
Share IconShare IconShare IconShare IconShare IconShare IconCopy
This is the logo of the coin.
SOL
$84.03-1.39%
This is the logo of the coin.
SUI
$1.0213-0.67%
AI summary iconSummary

expand icon
A supply chain attack has been uncovered on npm, PyPI, and crates.io, involving over 34 malicious packages targeting developers in AI and crypto news, as well as other professionals in the crypto, DeFi, Solana, Sui/Move, and AI sectors. These packages can steal wallets, SSH keys, cloud credentials, GitHub/AWS tokens, browser data, environment variables, and secrets. Some payloads use .cursorrules, CLAUDE.md, Git hooks, shell hooks, cron, systemd, and SSH for persistence. Developers should remove affected packages, isolate compromised systems, retain logs, rotate credentials, rebuild CI environments, and review activity on GitHub, cloud services, SSH, and wallets. On-chain developments underscore the urgent need to secure development workflows.

ChainCatcher report: According to SlowMist, the security firm MistEye detected a supply chain attack targeting registries. The attackers distributed malicious packages to npm, PyPI, and crates.io, targeting developers in the cryptocurrency, DeFi, Solana, Sui/Move, and AI sectors. The attack involved over 34 malicious packages and more than 384 associated versions. The attackers may be stealing cryptocurrency wallets, SSH keys, cloud credentials, GitHub/AWS tokens, browser data, environment variables, and other developer secrets. Some malicious payloads also attempt to achieve persistence via .cursorrules, CLAUDE.md, Git hooks, shell hooks, cron, systemd, and SSH. Developers are advised to immediately remove affected packages, isolate compromised systems, retain logs, rotate exposed credentials, rebuild CI environments and developer machines from clean images, and review activity logs for GitHub, cloud services, SSH, and wallet access.

Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.