CyberSecurityBoard
Sponsor Register Login

Malicious Rust packages on Crates.io steal crypto wallet keys

Recently, security researchers uncovered a series of malicious Rust packages hosted on Crates.io, the official Rust package registry, designed to steal cryptocurrency wallet keys from developers who inadvertently include these packages in their projects. These malicious packages masquerade as legitimate dependencies, exploiting the trust developers place in open-source repositories. Once integrated, the malware silently extracts sensitive wallet information, potentially leading to significant financial losses for users. This incident highlights the growing threat landscape targeting the Rust ecosystem and the broader open-source community. It underscores the critical need for enhanced security measures, including rigorous package vetting, dependency auditing, and developer awareness to mitigate risks associated with supply chain attacks. The attack also serves as a reminder that no programming language or ecosystem is immune to cyber threats, emphasizing the importance of continuous monitoring and proactive defense strategies in software development environments.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 25 Sep 2025 15:45:16 +0000


Cyber News related to Malicious Rust packages on Crates.io steal crypto wallet keys

Malicious Rust Crates Steal Solana and Phantom Wallets, Targeting Crypto Users - In a recent cybersecurity alert, researchers have uncovered malicious Rust crates designed to steal cryptocurrency wallets, specifically targeting Solana and Phantom wallet users. These malicious crates, disguised as legitimate software packages, are ...
3 months ago Thehackernews.com
FLOSS for Gophers and Crabs: Extracting Strings from Go and Rust Executables - To support the static analysis of Go and Rust executables, FLOSS now extracts program strings using enhanced algorithms. Where traditional extraction algorithms provide compound and confusing string output FLOSS recovers the individual Go and Rust ...
2 years ago Mandiant.com
Malicious Rust packages on Crates.io steal crypto wallet keys - Recently, security researchers uncovered a series of malicious Rust packages hosted on Crates.io, the official Rust package registry, designed to steal cryptocurrency wallet keys from developers who inadvertently include these packages in their ...
3 months ago Bleepingcomputer.com
CVE-2023-40030 - Cargo downloads a Rust project’s dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names when including them in the report generated by `cargo build --timings`. A malicious package ...
2 years ago
PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data - A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital ...
1 year ago Thehackernews.com
Lazarus hacked Bybit via breached Safe{Wallet} developer machine - While investigating the attack, crypto fraud investigator ZachXBT discovered links between the Bybit hackers and the infamous North Korean Lazarus threat group after the attackers sent some of the stolen Bybit funds to an Ethereum address previously ...
10 months ago Bleepingcomputer.com Lazarus Group
New PyPI Malware Poses as Crypto Wallet Tools to Steal Private Keys - The cybersecurity researchers at Checkmarx uncovered a series of new supply chain attacks that exploited the Python Package Index (PyPI) in September 2024 using malicious packages to target cryptocurrency wallets. These packages identified as ...
1 year ago Hackread.com
Android/SpyNote Moves to Crypto Currencies - Affected Platform: AndroidImpacted Users: Android users with mobile crypto wallet or banking applicationsImpact: Financial LossSeverity Level: Medium. It has grown into one of the most common families of malware for Android, with multiple samples, ...
1 year ago Feeds.fortinet.com
CVE-2019-16760 - Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the `package` configuration key. Usage of the `package` key to rename dependencies in `Cargo.toml` is ignored in Rust 1.25.0 and prior. When Rust 1.25.0 and ...
6 years ago
CVE-2025-12194 - Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows ...
2 months ago
New Malicious Rust Crates Impersonating fast_log Discovered - A recent cybersecurity investigation has uncovered new malicious Rust crates that impersonate the popular fast_log logging library. These crates are designed to deceive developers by mimicking legitimate packages, thereby infiltrating software supply ...
3 months ago Cybersecuritynews.com
Nest Wallet CEO Loses $125,000 in Wallet Draining Scam - The co-founder and CEO of a startup cryptocurrency wallet said he lost $125,000 in crypto in a scam, becoming among the latest victims of the growing threat of wallet drainer malware that one cybersecurity firm stole almost $300 million from more ...
1 year ago Securityboulevard.com
Coinbase phishing email tricks users with fake wallet migration - A large-scale Coinbase phishing attack poses as a mandatory wallet migration, tricking recipients into setting up a new wallet with a pre-generated recovery phrase controlled by attackers. Instead, the phishing email includes a recovery phrase, which ...
9 months ago Bleepingcomputer.com
Feds Seize 'Sinbad' Crypto Mixer Used by North Korea's Lazarus - In its continued efforts to crack down on North Korea's most formidable state-sponsored threat group, the US government has seized a virtual currency mixer that has been serving as the principal way the group launders money stolen from its ...
2 years ago Darkreading.com Lazarus Group
Malicious PyPI packages targeting highly specific MacOS machines - As part of our software package supply chain security efforts, we continuously scan for malware in newly released PyPI and NPM packages. In this post, we describe a particularly interesting cluster of malicious packages that we've identified. In late ...
1 year ago Securitylabs.datadoghq.com
Critical Rust Flaw Poses Exploit Threat in Specific Windows Use Cases - The Rust Project has issued an update for its standard library, after a vulnerability researcher discovered a specific function used to execute batch files on Windows systems could be exploited using an injection flaw. The set of common functions ...
1 year ago Darkreading.com CVE-2024-24576
New Linux Kernel Code Written In Rust To Eliminate Memory Safety Bugs - Since Rust was officially merged into the Linux kernel in October 2022, development teams have been steadily working to implement Rust-based drivers and components that inherently prevent common memory-related security issues. The Linux kernel has ...
9 months ago Cybersecuritynews.com
Navigating the Perilous Waters of Crypto Phishing Attacks - Key Highlights: Check Point Research Unveils Rise in Sophisticated Crypto Phishing: An investigation reveals an alarming increase in advanced phishing schemes targeting a variety of blockchain networks, employing wallet-draining techniques. ...
2 years ago Blog.checkpoint.com
Web3 security firm CertiK's X account hacked to push crypto drainer - The Twitter/X account of blockchain security firm CertiK was hijacked today to redirect the company's more than 343,000 followers to a malicious website pushing a cryptocurrency wallet drainer. Crypto fraud sleuth ZachXBT later leaked screenshots of ...
1 year ago Bleepingcomputer.com
5000+ Malicious Packages Found In The Wild To Compromise Windows Systems - These packages, detected from November 2024 onward, employ sophisticated techniques to evade traditional security measures while executing harmful actions that can lead to data theft, unauthorized access, and complete system compromise. Similarly, ...
9 months ago Cybersecuritynews.com
CVE-2022-36113 - Cargo is a package manager for the rust programming language. After a package is downloaded, Cargo extracts its source code in the ~/.cargo folder on disk, making it available to the Rust projects it builds. To record when an extraction is ...
2 years ago
Google Contributes $1 Million to Rust, Says It Prevented Hundreds of Android Vulnerabilities - Google today announced a grant of $1 million to the Rust Foundation, meant to help improve the interoperability between Rust and C++ code. The internet giant joined the Rust Foundation in 2021, for the same reason, and has adopted the memory-safe ...
1 year ago Securityweek.com
Critical Vulnerabilities in Browser Wallets Let Attackers Drain your Funds - Meanwhile, Coin98 Wallet contained a vulnerability allowing attackers to send crafted messages with isDev:true parameter to the Content Script, making the Background Script believe commands came from the legitimate Wallet UI rather than a malicious ...
8 months ago Cybersecuritynews.com CVE-2023-40580
CVE-2023-38291 - An issue was discovered in a third-party component related to ro.boot.wifimacaddr, shipped on devices from multiple device manufacturers. Various software builds for the following TCL devices (30Z and 10L) and Motorola devices (Moto G Pure and Moto G ...
1 year ago
Malicious npm and PyPI Pose as Developer Tools to Steal Login Credentials - The researchers noted that the packages employ various exfiltration methods to transmit stolen credentials to threat actors, with react-native-scrollpageviewtest using Google Analytics as its exfiltration channel, while the PyPI packages leverage ...
8 months ago Cybersecuritynews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)