Bitcoin Python Library Targeted by Wallet Draining Malware
量子交易者
04-05 00:23
Security researchers flagged that the popular Bitcoin Python library bitcoinlib was being targeted by malware.

Machine learning has been used to detect crypto malware targeting users of bitcoinlib, a popular Python library for making Bitcoin wallets.

ReversingLabs says the malicious packages attempted to overwrite legitimate commands in order to extract sensitive database files.

Researchers say bitcoinlib is a "widely used open-source library" that allows crypto wallets to be created and managed—attracting more than one million downloads since its launch.

Named "bitcoinlibdbfix" and "bitcoinlib-dev," the malware had been masquerading as solutions to an issue that had caused error messages to appear during Bitcoin transfers.

The researchers say the rogue coders responsible also joined a discussion on GitHub and lobbied for their libraries to be run, but other developers correctly recognized it was a scam.

Both packages have now been removed and cannot be downloaded, meaning they no longer pose a risk to developers.
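
A dependency audit for the two package names reported above, as an added example that is not from the article or from ReversingLabs. It normalizes names per PEP 503, flags the two reported names, and also flags any other name that appends text to `bitcoinlib`, which generalizes beyond the article; the sample requirements file, including the name `bitcoinlib.utils-extra`, is constructed.

```python
import re

# Package names reported as malicious in the article above.
REPORTED = {"bitcoinlibdbfix", "bitcoinlib-dev"}
LEGITIMATE = "bitcoinlib"

def normalize(name):
    """PEP 503 normalization: lowercase, runs of '-', '_', '.' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

# Leading project name of a requirement line (PEP 508 name characters).
_NAME = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")

def audit_requirements(text):
    """Return (line_no, normalized_name, verdict) for suspicious requirements."""
    findings = []
    reported = {normalize(n) for n in REPORTED}
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line or line.startswith("-"):     # skip options such as -r
            continue
        match = _NAME.match(line)
        if not match:
            continue
        name = normalize(match.group(1))
        if name in reported:
            findings.append((line_no, name, "reported-malicious"))
        elif name != LEGITIMATE and name.replace("-", "").startswith(LEGITIMATE):
            # Same naming pattern as the reported packages: the real
            # library's name with extra text appended. Needs manual review.
            findings.append((line_no, name, "lookalike-review"))
    return findings

# Constructed sample requirements file (not from the article).
SAMPLE = """\
# wallet service dependencies
bitcoinlib
Bitcoinlib_Dev        # added to "fix" transfer errors
requests[socks]>=2.31 ; python_version >= "3.8"
bitcoinlibdbfix
bitcoinlib.utils-extra
-r base.txt
"""

if __name__ == "__main__":
    for finding in audit_requirements(SAMPLE):
        print(finding)
```
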

According to ReversingLabs, they were detected using sophisticated algorithms that determine whether packages behave in a similar way to malware discovered in the past.

Experts say this automation is a crucial source of protection against "the rising tide of software supply chain attacks targeting cryptocurrency," and proves effective even if malware isn't accompanied by social engineering attacks.

"The number of new packages that get published on a daily basis is posing a challenge for security organizations, and ML model-based detection is currently the best answer that the security industry can provide," ReversingLabs engineer Karlo Zanki said.

This is the latest in a long line of campaigns specifically targeting crypto developers.

Back in February, Kaspersky had warned that malware was being distributed through GitHub repositories widely used by coders. If downloaded, it could hijack the victim's keyboard and replace wallet addresses with ones controlled by the attackers.

Meanwhile, a new variant of XCSSET has emerged that can take screenshots, record what a user is doing, and steal data from their Telegram account.

Edited by Stacy Elliott.
