Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys
Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys
22 October 2025
Cybersecurity researchers have uncovered a new supply chain attack targeting the NuGet package manager with malicious typosquats of Nethereum, a popular Ethereum .NET integration platform, to steal victims' cryptocurrency wallet keys.
The package, Netherеum.All, has been found to harbor functionality to decode a command-and-control (C2) endpoint and exfiltrate mnemonic phrases, private keys, and