SlowMist has identified a cross-registry supply chain attack targeting developers in the cryptocurrency, DeFi, Solana, Sui/Move, and AI sectors. The attack, detected by SlowMist's MistEye system, involves over 34 malicious packages and more than 384 versions across npm, PyPI, and Crates.io registries. These packages aim to steal sensitive information such as crypto wallets, SSH keys, and cloud credentials.
The attack employs various methods to maintain persistence, including Git hooks and systemd. SlowMist advises developers to remove affected packages, isolate compromised systems, rotate credentials, and rebuild environments from clean images. A thorough review of GitHub, cloud services, and wallet activities is also recommended to mitigate risks.
SlowMist Uncovers Cross-Registry Supply Chain Attack on Crypto and AI Developers
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.