SlowMist Discloses Cross-Registry Supply Chain Attack Targeting Crypto and AI Developers

TechFlow
Summary
SlowMist reported a cross-registry supply chain attack targeting crypto and AI developer communities. Malicious packages spread across npm, PyPI, and Crates.io, affecting over 34 packages and 384 versions. Attackers aim to steal crypto wallets, SSH keys, cloud credentials, and developer secrets. Payloads use .cursorrules, cron, systemd, and SSH for persistence. On-chain news underscores the urgency for developers to remove affected packages, isolate systems, and rotate credentials. Affected projects include DeFi, Solana, Sui/Move, and AI platforms. SlowMist urges a full rebuild of CI environments and developer machines.

According to on-chain analyst PeckShield (@PeckShieldAlert), SlowMist’s threat intelligence system, MistEye, detected a cross-registry supply chain attack targeting developers. Malicious packages have spread across the three major registries (npm, PyPI, and Crates.io), involving over 34 malicious packages and more than 384 associated versions. The attack targets developers in the cryptocurrency, DeFi, Solana, Sui/Move, and AI communities, potentially leading to the theft of crypto wallets, SSH keys, cloud credentials, GitHub/AWS tokens, browser data, and other developer secrets. Some malicious payloads also attempt to achieve persistence via .cursorrules, CLAUDE.md, Git hooks, cron, systemd, and SSH. SlowMist recommends immediately removing affected packages, isolating compromised systems, rotating exposed credentials, rebuilding CI environments and developer machines from clean images, and conducting a comprehensive review of activities related to GitHub, cloud services, SSH, and wallets.
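As an aid to the review step above, the following added example (not code from SlowMist or from the report) inventories files in the persistence locations the report names, under a home directory or a mounted disk image, so they can be inspected by hand. The specific file names and directory patterns are assumed common defaults, and the sample tree is constructed.

```python
import os
import tempfile
from pathlib import Path

# Names/paths below are common defaults assumed for illustration, not values from the report.
AGENT_FILES = {".cursorrules", "CLAUDE.md"}
SSH_FILES = {"authorized_keys", "config"}

def classify(path):
    """Return a review category for a (relative) file path, or None if not of interest."""
    parts = path.parts
    if path.name in AGENT_FILES:
        return "ai-agent-instructions"
    if parts[-3:-1] == (".git", "hooks"):
        # Git ships inactive *.sample hooks; any other file here can run on git commands.
        return None if path.name.endswith(".sample") else "git-hook"
    if parts[-2:-1] == (".ssh",) and path.name in SSH_FILES:
        return "ssh"
    if "systemd" in parts and path.suffix in (".service", ".timer"):
        return "systemd-unit"
    if "cron.d" in parts or "crontabs" in parts:
        return "cron"
    return None

def find_persistence_artifacts(root, since=0.0):
    """List (category, relative path) for matching files modified at or after `since`."""
    root = Path(root)
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            p = Path(dirpath) / name
            category = classify(p.relative_to(root))
            if category and p.lstat().st_mtime >= since:
                hits.append((category, p.relative_to(root).as_posix()))
    return sorted(hits)

def build_sample_tree():
    """Create a constructed sample tree so the example runs offline."""
    root = Path(tempfile.mkdtemp())
    for rel in ["proj/.cursorrules", "proj/CLAUDE.md", "proj/.git/hooks/pre-commit",
                "proj/.git/hooks/pre-push.sample", ".ssh/authorized_keys",
                ".config/systemd/user/sync.service", "proj/src/main.py"]:
        f = root / rel
        f.parent.mkdir(parents=True, exist_ok=True)
        f.write_text("constructed sample\n")
    return root

if __name__ == "__main__":
    for category, rel in find_persistence_artifacts(build_sample_tree()):
        print(f"{category:24}{rel}")
```

File modification times can be altered, so `since` only narrows the list for a first pass; a hit means the file should be read, not that it is malicious.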

Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.