Today > 1 Critical | 2 High | 2 Medium vulnerabilities - You can now download lists of IOCs here!

Python Crypto Library Updated to Steal Private Keys

Nov. 26, 2024, 9:35 p.m.

External References

https://blog.phylum.io/
https://otx.alienvault.com/

Description

Phylum's automated risk detection platform discovered that the PyPI package aiocpa was updated to include malicious code that steals private keys by exfiltrating them through Telegram when users initialize the crypto library.

Date

Published: Nov. 26, 2024, 8:53 p.m.

Created: Nov. 26, 2024, 8:53 p.m.

Modified: Nov. 26, 2024, 9:35 p.m.

Indicators

c43148103e24a16d59896d6db395ed66a2cd5772ff308dfea10aa36b7f433589

556bfea997880f1365d3822d26ea57e2cfaecb231128ea1e7e50ad1f778147bb

6f435a3f209c09d8f7cf180f759a5faa2ff215edc1afce2cd62078574bb70c69

ad9f5183aa8d792ed1bc991ab3ac9b0cd4160fd9276071a7e63e7d7b4e3481b8

Attack Patterns

T1059.006

T1567

T1102

T1195