Watch Out: These PyPI Python Packages Can Drain Your Crypto Wallets

Threat hunters have discovered a set of seven packages on the Python Package Index (PyPI) repository that are designed to steal BIP39 mnemonic phrases used for recovering private keys of a cryptocurrency wallet.
The software supply chain attack campaign has been codenamed BIPClip by ReversingLabs. The packages were collectively downloaded 7,451 times prior to them being removed from

attack bip39 campaign can crypto cryptocurrency cryptocurrency wallet crypto wallets hunters keys mnemonic package packages private private keys pypi python python package python package index python packages repository reversinglabs software software supply chain software supply chain attack steal supply supply chain supply chain attack threat wallet wallets watch