According to ChainCatcher, researchers at cybersecurity company Checkmarx have sounded the alarm about a dangerous malware uploaded to the Python Package Index (PyPI) that steals private keys. According to the company, the malware was automatically uploaded by suspicious users through several different packages, designed to imitate the decoding applications of popular wallets such as MetaMask, Atomic, TronLink, Ronin, and other mainstream products in the industry.
The malware was cleverly embedded into various parts of the software package. Since the malware appeared to be harmless code, it was essentially undetectable. However, upon closer inspection, specific parts of the data allowed the hackers to take control of the cryptocurrency wallets and transfer funds once the unsuspecting user called specific functions embedded in the software package.
