Cybersecurity researchers uncovered malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys, exploiting supply chain vulnerabilities. These crates, spread by a threat actor, covertly exfiltrate private keys during runtime, posing significant risks to blockchain developers. #RustCrates #SupplyChainThreats
Keypoints
- Malicious Rust crates named faster_log and async_println impersonated legitimate libraries to deceive users.
- The threat actor, using aliases rustguruman and dumbnbased, published these crates in May 2025.
- The crates included code to scan source files for Solana and Ethereum private keys and send them to a command and control (C2) server.
- Crates.io responded by removing the malicious packages and disabling the involved accounts, with logs preserved for analysis.
- The attack highlights how simple deception with minimal code can pose significant supply chain risks to developers.
Read More: https://thehackernews.com/2025/09/malicious-rust-crates-steal-solana-and.html