Security News > 2024 > November > PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot
2024-11-25 13:54
The administrators of the Python Package Index (PyPI) repository have quarantined the package "aiocpa" following a new update that included malicious code to exfiltrate private keys via Telegram. The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to date. By putting the
News URL
https://thehackernews.com/2024/11/pypi-python-library-aiocpa-found.html
Related news
- Crypto Developers Targeted by Python Malware Disguised as Coding Challenges (source)
- Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users (source)
- Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems (source)
- Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering (source)