Watch Out: These PyPI Python Packages Can Drain Your Crypto Wallets
Mar 12, 2024
Cryptocurrency / Cybercrime
Threat hunters have discovered a set of seven packages on the Python Package Index (PyPI) repository that are designed to steal BIP39 mnemonic phrases used for recovering private keys of a cryptocurrency wallet. The software supply chain attack campaign has been codenamed BIPClip by ReversingLabs. The packages were collectively downloaded 7,451 times prior to them being removed from PyPI. The list of packages is as follows - jsBIP39-decrypt (126 downloads) bip39-mnemonic-decrypt (689 downloads) mnemonic_to_address (771 downloads) erc20-scanner (343 downloads) public-address-generator (1,005 downloads) hashdecrypt (4,292 downloads) hashdecrypts (225 downloads) BIPClip, which is aimed at developers working on projects related to generating and securing cryptocurrency wallets, is said to be active since at least December 4, 2022, when hashdecrypt was first published to the registry. "This is just the latest software supply ...
