🚨 Malicious PyPI package ‘set-utils’ was stealing Ethereum private keys by hooking wallet functions.
Disguised as a widely used library, it sat in the background, waiting for crypto operations.
NVK (nprofile…2swf) , Rob1Ham (nprofile…5uvg) & Seardsalmon (nprofile…s7eq) break down why this keeps happening in BR093.
BitcoinReview / Bitcoin.Review
npub1qd…pzclt
2025-03-28 03:40:04
Author Public Key
npub1qdcakl75gd7wv0nqmmwrz09ddm5tzl7xj8lq2gclng2qzd8up5yqjpzcltSeen on
wss://relay.primal.netPublished at
2025-03-28 03:40:04Event JSON
{
"id": "31226f6071e875e76020a6c294e0ac497b90af0154d1316a3f92e6058c765fc7",
"pubkey": "0371db7fd4437ce63e60dedc313cad6ee8b17fc691fe05231f9a140134fc0d08",
"created_at": 1743133204,
"kind": 1,
"tags": [
[
"p",
"516e5d1836a58224c57109dc12bb49782026a4e15ac4dc437c05ffdbed22e118",
"wss://nostr.carlostkd.ch",
"mention"
],
[
"p",
"e88a691e98d9987c964521dff60025f60700378a4879180dcbbb4a5027850411",
"wss://relay.snort.social",
"mention"
],
[
"p",
"cedab81be42ef47dbde653f4ba7ab25ac3aa32cfc2b672ee0f89c0faf882f13e",
"wss://nostr.oxtr.dev/",
"mention"
]
],
"content": "🚨 Malicious PyPI package ‘set-utils’ was stealing Ethereum private keys by hooking wallet functions.\n\nDisguised as a widely used library, it sat in the background, waiting for crypto operations.\n\nnostr:nprofile1qqsw3znfr6vdnxrujezjrhlkqqjlvpcqx79ys7gcph9mkjjsy7zsgygprpmhxue69uhhyetvv9ujuumwdae8gtnnda3kjctvqy2hwumn8ghj7mn0wd68ytndd9kx7afwd3hkcd62swf , nostr:nprofile1qqsvak4cr0jzaarahhn98a9602e94sa2xt8u9dnjac8cns86lzp0z0spz4mhxue69uhkummnw3ezummcw3ezuer9wchszythwden5te0dehhxarj9emkjmn99ulw5uvg \u0026 nostr:nprofile1qqs9zmjarqm2tq3yc4csnhqjhdyhsgpx5ns443xugd7qtl7ma53wzxqprpmhxue69uhkummnw3ezucmpwfkx7um5ddjzucmgqyv8wumn8ghj7mn0wd68ytn2ve5hxcmgv4ezummjvu4ls7eq break down why this keeps happening in BR093.\nhttps://m.primal.net/PvuE.mov",
"sig": "33a848c78ff8dc7399024c988851d928441f4d51d7b70e15a82e7bb3c888977b6274e0c77774fa70e84fc248f391458e3ab537c3da2ac8e6a1cfcd2e2dbd088c"
}