Crates.io: Malicious crates faster_log and async_println
17 hours ago
- #crates.io
- #security
- #malware
- Two malicious crates (faster_log and async_println) were discovered on crates.io, actively searching for Ethereum and Solana private keys.
- The crates were typosquatting legitimate ones, executing malicious code at runtime but not at build time.
- The crates exfiltrated found keys to a specific URL.
- Actions taken included disabling the users, deleting the crates, and retaining logs for analysis.
- The crates had no downstream dependencies and the associated users had no other publishes.
- Thanks were given to the reporting individual and the response team members.