<ul><li>Researchers have discovered malicious npm and PyPI packages designed to target Solana private keys and steal funds from victims' wallets.</li><li>The malicious npm packages allowed threat actors to exfiltrate Solana private keys via Gmail.</li><li>The attackers used names typosquatting popular libraries and exfiltrated the stolen information via Gmail's SMTP servers.</li><li>The packages are still live on npm despite experts' requests for removal, and two GitHub repositories were reported for supporting the malware campaign.</li></ul>

Malicious npm and PyPI target Solana Private keys to steal funds from victims’ wallets

Discover more