This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions

Summary: Researchers have identified a malicious Python package named “set-utils” on the PyPI repository that impersonates legitimate libraries in order to steal Ethereum private keys. It primarily targets Ethereum developers who use Python for blockchain applications and is no longer available for download. Because it intercepts keys at the moment they are generated and exfiltrates them through blockchain transactions rather than ordinary network calls, it is harder to detect than typical information stealers.

Affected: Python developers, Ethereum wallet users

Key points:

  • Malicious package “set-utils” impersonates popular libraries to deceive developers.
  • Embedded functions target wallet creation to steal private keys during their generation.
  • Stolen keys are exfiltrated via blockchain transactions to avoid detection by monitoring systems.
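The two signals above (hooking wallet key generation, exfiltrating over blockchain RPC) can be checked for statically in a package before it is installed. The following is an added example for defenders, not code from the report or from the set-utils package; it assumes eth_account/web3-style function names (the report does not say which functions were hooked) and uses constructed sample modules with a placeholder RPC URL.

```python
"""Heuristic static check for the set-utils pattern: a module that reassigns (monkeypatches)
a wallet key-generation function AND carries blockchain RPC indicators. Added example."""
import ast
import re
# Key-generation attribute names to watch. Assumption: eth_account/web3 style names;
# the report does not say which functions set-utils hooked.
KEYGEN_ATTRS = {"create", "from_key", "from_mnemonic", "privateKeyToAccount"}
# Transaction-based exfiltration indicators: JSON-RPC send methods or RPC endpoint URLs.
RPC_INDICATORS = re.compile(r"eth_send(Raw)?Transaction|send_raw_transaction|https?://\S*rpc\S*", re.I)

def hooked_keygen_targets(tree):
    """Dotted names of key-generation attributes the module reassigns (needs Python 3.9+)."""
    hits = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Assign):
            for target in node.targets:
                if isinstance(target, ast.Attribute) and target.attr in KEYGEN_ATTRS:
                    hits.append(f"{ast.unparse(target.value)}.{target.attr}")
    return hits

def rpc_indicators(tree):
    """String literals that look like RPC endpoints or transaction-sending methods."""
    hits = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            match = RPC_INDICATORS.search(node.value)
            if match:
                hits.append(match.group(0))
    return hits

def scan_source(src):
    """Flag only when both signals co-occur; either one alone is common in benign code."""
    tree = ast.parse(src)
    hooks, rpc = hooked_keygen_targets(tree), rpc_indicators(tree)
    return {"hooked": hooks, "rpc": rpc, "suspicious": bool(hooks and rpc)}
# Constructed samples, not the real package's code. The first reassigns Account.create and
# embeds a placeholder RPC URL; the second uses the same API without hooking it.
HOOKING_SAMPLE = '''
from eth_account import Account
RPC_URL = "https://rpc.example-polygon.invalid/"
_orig_create = Account.create
def _wrapped(*args, **kwargs):
    return _orig_create(*args, **kwargs)
Account.create = _wrapped
'''
BENIGN_SAMPLE = '''
from eth_account import Account
RPC_URL = "https://rpc.example-polygon.invalid/"
acct = Account.create()
'''
```

Run `scan_source()` over each module of a downloaded wheel or sdist before installing it; a package that only generates wallets, or only talks to an RPC endpoint, is not flagged, which keeps the check usable on legitimate web3 tooling.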

Source: https://thehackernews.com/2025/03/this-malicious-pypi-package-stole.html