This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions
This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions
07 March 2025
Cybersecurity researchers have discovered a malicious Python package on the Python Package Index (PyPI) repository that's equipped to steal a victim's Ethereum private keys by impersonating popular libraries.
The package in question is set-utils, which has received 1,077 downloads to date. It's no longer available for download from the official registry.
"Disguised as a simple utility for Python