Huo Xing Cai Jing reports that, according to SlowMist, the security firm MistEye detected a supply chain attack targeting package registries. Attackers distributed malicious packages to npm, PyPI, and crates.io, targeting developers in the cryptocurrency, DeFi, Solana, Sui/Move, and AI sectors. The attack involved over 34 malicious packages and more than 384 associated versions. The attackers may have stolen cryptocurrency wallets, SSH keys, cloud credentials, GitHub/AWS tokens, browser data, environment variables, and other developer secrets. Some malicious payloads also attempted to achieve persistence via .cursorrules, CLAUDE.md, Git hooks, shell hooks, cron, systemd, and SSH. Developers are advised to immediately remove affected packages, isolate compromised systems, retain logs, rotate exposed credentials, rebuild CI environments and developer machines from clean images, and review activity logs for GitHub, cloud services, SSH, and wallet access.
Supply chain attack targets crypto and AI developers via npm/PyPI/crates.io
MarsBit

A cross-registry supply chain attack has targeted AI and crypto developers, with over 34 malicious packages discovered on npm, PyPI, and crates.io. The attack impacts the crypto, DeFi, Solana, Sui/Move, and AI ecosystems. The malicious code seeks to steal wallet keys, SSH credentials, cloud tokens, GitHub/AWS tokens, browser data, and environment variables. Attackers employ .cursorrules, CLAUDE.md, Git hooks, and cron jobs for persistence. Developers should remove affected packages, isolate compromised systems, rotate credentials, rebuild CI environments, and review cloud and wallet activity. On-chain intelligence indicates escalating threats in the space.
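
To support the review step, the following Python script is an added triage example, not code from SlowMist, MistEye or the original report. It walks the persistence locations named above and flags files changed after a cutoff such as the install time of a suspect package; the concrete file paths, the `audit` function and the 7-day window are assumptions, since the report names only the mechanisms.

```python
import os
import time
from pathlib import Path

# Relative to a home directory. Assumed standard default locations;
# the report names the mechanisms, not the exact files.
HOME_TARGETS = [
    ".bashrc", ".bash_profile", ".zshrc", ".profile",   # shell hooks
    ".ssh/authorized_keys", ".ssh/config", ".ssh/rc",   # SSH
    ".config/systemd/user",                             # systemd user units
]
# Relative to each project checkout.
REPO_TARGETS = [".cursorrules", "CLAUDE.md", ".git/hooks"]


def _files(path):
    """Yield path itself if it is a file, or every file beneath it."""
    if path.is_file():
        yield path
    elif path.is_dir():
        yield from (p for p in path.rglob("*") if p.is_file())


def audit(home, repos, since):
    """Return sorted (path, reason) findings. `since` is epoch seconds,
    e.g. the moment the suspect package was installed."""
    findings = []
    roots = [(Path(home), HOME_TARGETS)] + [(Path(r), REPO_TARGETS) for r in repos]
    for root, targets in roots:
        for rel in targets:
            for f in _files(root / rel):
                if f.name.endswith(".sample"):
                    continue  # stock Git hook templates are never executed
                st = f.stat()
                if st.st_mtime >= since:
                    findings.append((str(f), "modified after cutoff"))
                elif ".git/hooks" in f.as_posix() and st.st_mode & 0o111:
                    findings.append((str(f), "executable Git hook"))
    return sorted(findings)


if __name__ == "__main__":
    cutoff = time.time() - 7 * 86400  # assumed window: last 7 days
    for path, reason in audit(Path.home(), [os.getcwd()], cutoff):
        print(f"{reason}: {path}")
```

Modification times can be reset by whoever wrote the file, so an empty result does not clear a machine, and user cron entries live outside these paths and need a separate `crontab -l` check.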