Cryptocurrency-stealing malware found in Python package index

Odaily News Researchers at cybersecurity firm Checkmarx have raised the alarm about a dangerous malware uploaded to the Python Package Index (PyPI) that steals private keys. According to the company, the malware was automatically uploaded by suspicious users through several different packages designed to mimic the decoding applications of popular wallets such as MetaMask, Atomic, TronLink, Ronin, and other industry mainstream products. The malware was cleverly embedded in various parts of the software packages. Since these malware appear to be harmless code, they are basically undetectable. However, upon closer inspection, specific parts of the data allow hackers to take control of cryptocurrency wallets and transfer funds once unsuspecting users call specific functions embedded in the software packages.