Researchers at cybersecurity firm Checkmarx have raised the alarm about a dangerous malware uploaded to the Python Package Index (PyPI) that steals private keys. According to the company, the malware was automatically uploaded by suspicious users through several different packages designed to mimic the decoding applications of popular wallets such as MetaMask, Atomic, TronLink, Ronin, and other industry mainstream products.

The malware was cleverly embedded into various parts of the software package. Since the malware appeared to be harmless code, it was essentially undetectable. However, upon closer inspection, specific parts of the data allowed the hackers to take control of cryptocurrency wallets and transfer funds once an unsuspecting user called a specific function embedded in the software package. #DYOR42711