Machine learning has been used to detect crypto malware targeting users of bitcoinlib, a popular Python library for making Bitcoin wallets.
ReversingLabs says the malicious packages attempted to overwrite legitimate commands in order to extract sensitive database files.
Researchers say bitcoinlib is a "widely used open-source library" that allows crypto wallets to be created and managed—attracting more than one million downloads since its launch.
Named "bitcoinlibdbfix" and "bitcoinlib-dev," the malware had been masquerading as solutions to an issue that had caused error messages to appear during Bitcoin transfers.
The researchers say the rogue coders responsible also joined a discussion on GitHub and lobbied for their libraries to be run, but other developers correctly recognized it was a scam.
Both packages have now been removed and cannot be downloaded, meaning they no longer pose a risk to developers.
According to ReversingLabs, they were detected using sophisticated algorithms that determine whether packages behave in a similar way to malware discovered in the past.
Experts say this automation is a crucial source of protection against "the rising tide of software supply chain attacks targeting cryptocurrency," and proves effective even if malware isn't accompanied by social engineering attacks.
"The number of new packages that get published on a daily basis is posing a challenge for security organizations, and ML model-based detection is currently the best answer that the security industry can provide," ReversingLabs engineer Karlo Zanki said.
This is the latest in a long line of campaigns specifically targeting crypto developers.
Back in February, Kaspersky had warned that malware was being distributed through GitHub repositories widely used by coders. If downloaded, it could hijack the victim's keyboard and replace wallet addresses with ones controlled by the attackers.
Meanwhile, a new variant of XCSSET has emerged that can take screenshots, record what a user is doing, and steal data from their Telegram account.
Edited by Stacy Elliott.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
