Ddos 
The Socket Threat Research Team has exposed three malicious open-source packages masquerading as developer tools — designed not to assist developers, but to steal cryptocurrency wallet credentials.
The report highlights three specific malicious packages:
- react-native-scrollpageviewtest (npm): Downloaded over 1,200 times, this package poses as a utility for scrollable views in React Native. However, beneath the UI code lies a credential-harvesting operation that dynamically loads wallet APIs and silently exfiltrates seed phrases and private keys via Google Analytics. This package uses various obfuscation techniques, including string concatenation, encoding/decoding operations, and character code arrays, to evade detection.
- web3x (PyPI): Disguised as an Ethereum balance checker, this package silently exfiltrates the victim’s mnemonic seed phrase to a Telegram bot.
- herewalletbot (PyPI): Presenting itself as a wallet tool, this package functions as credential-harvesting malware, stealing mnemonic seed phrases.
These packages demonstrate a clear pattern: they masquerade as legitimate developer tools to deceive users into installing them, only to then steal their valuable cryptocurrency credentials.
The report emphasizes the critical importance of mnemonic seed phrases and private keys, stating: “The key take-away advice for developers is simple but critical: your mnemonic seed phrase and private key are the keys to your crypto assets.”
These credentials provide access to and control over a user’s cryptocurrency holdings, and as the report warns, “Any package that collects or transmits these secrets without your explicit, informed consent is malicious.”
The report urges developers to be extremely cautious with their mnemonic seed phrases and private keys. It warns, “Never share them with anyone, any code, or any bot, no matter how convincing the social engineering prompts may be,” and reiterates a crucial principle: “If a script or individual asks for your seed phrase; it’s not a feature, it’s a scam.”
Donate