PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot The Hacker [email protected] (The Hacker News)

November 25, 2024

The administrators of the Python Package Index (PyPI) repository have quarantined the package “aiocpa” following a new update that included malicious code to exfiltrate private keys via Telegram.
The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to date.
By putting the The administrators of the Python Package Index (PyPI) repository have quarantined the package “aiocpa” following a new update that included malicious code to exfiltrate private keys via Telegram.
The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to date.
By putting the 

Read More

Share

In The News  / Uncategorized



Leave A Reply


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.