{"id":348672,"date":"2025-09-26T01:55:00","date_gmt":"2025-09-26T08:55:00","guid":{"rendered":"https:\/\/cms-articles.softonic.io\/es\/?p=397068"},"modified":"2025-09-26T01:55:08","modified_gmt":"2025-09-26T08:55:08","slug":"8424-cryptocurrency-wallets-are-stolen-due-to-a-cybersecurity-issue","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/8424-cryptocurrency-wallets-are-stolen-due-to-a-cybersecurity-issue\/","title":{"rendered":"8,424 cryptocurrency wallets are stolen due to a cybersecurity issue"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Cybersecurity researchers have discovered two malicious crates in Rust that impersonate a legitimate library called fast_log, in order to steal Solana and Ethereum wallet keys from the source code. <strong>The crates, named faster_log and async_println, were published by a threat actor under the pseudonyms rustguruman and dumbnbased on May 25, 2025<\/strong>, achieving a total of 8,424 downloads, according to the software supply chain security company, Socket.<\/p>\n\n\n<h2 class=\"wp-block-heading\">Make sure you know what you are downloading<\/h2>\n\n\n<p class=\"wp-block-paragraph\">These fraudulent crates include functional registration code as a cover and contain routines that scan source files for private keys of Solana and Ethereum. <strong>Once identified, they exfiltrate the matches through an HTTP POST request to a hardcoded command and control (C2) endpoint, according to security researcher Kirill Boychenko.<\/strong><\/p>\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"RUST is the FUTURE of HACKING!\" width=\"840\" height=\"473\" src=\"https:\/\/www.youtube.com\/embed\/9T1e7ASS-eA?start=23&#038;feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n<p class=\"wp-block-paragraph\">Following the responsible disclosure of the finding, the maintainers of crates.io have taken steps to remove the Rust packages and disable the two involved accounts.<strong> In addition, they have preserved the records of the users operated by the threat actor along with the malicious crates for further analysis<\/strong>. &#8220;The malicious code was executed at runtime, when running or testing a project that depended on them,&#8221; commented Walter Pearce from crates.io.<\/p>\n\n\n<p class=\"wp-block-paragraph\">In a typosquatting attack, the actors maintained the original library&#8217;s registration functionality while introducing malicious changes during a packaging operation, which recursively searched for Rust files in a directory to find private keys. <strong>This attack is a clear reminder of how minimal code and a simple deception can create a significant risk in the supply chain<\/strong>, allowing malicious code to reach developers&#8217; computers and continuous integration systems.<\/p>\n\n<div class=\"sc-card-program\">\r\n  <div class=\"sc-card-program__body\">\r\n    <div class=\"sc-card-program__row clearfix\">\r\n      <div class=\"sc-card-program__col-logo\">\r\n        <img decoding=\"async\" class=\"sc-card-program__img\" alt=\"Avast Free Antivirus\" src=\"https:\/\/images.sftcdn.net\/images\/t_app-icon-s\/p\/2d9f9134-96d0-11e6-bf8f-00163ec9f5fa\/1408299994\/avast-Avast_Symbol_V2_Positive_Orange_256x256.png\" width=\"100px\" height=\"100px\">\r\n      <\/div>\r\n      <div class=\"sc-card-program__col-title\">\r\n        <span class=\"sc-card-program__title\">Avast Free Antivirus<\/span>\r\n        <a class=\"sc-card-program__button sc-card-program-internal\" href=\"https:\/\/avast.softonic.com\/\" target=\"_self\" rel=\"noopener noreferrer\">DOWNLOAD<\/a>\r\n      <\/div>\r\n      <div class=\"sc-card-program__col-rating\">\r\n        <svg class=\"rating-score__content\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" version=\"1.1\" x=\"0\" y=\"0\" viewbox=\"0 0 50 50\" enable-background=\"new 0 0 50 50\" xml:space=\"preserve\"><path class=\"rating-score__background rating-score--good\" fill=\"none\" stroke-width=\"6\" stroke-miterlimit=\"10\" d=\"M40 40c8.3-8.3 8.3-21.7 0-30s-21.7-8.3-30 0 -8.3 21.7 0 30\"><\/path><path class=\"rating-score__value rating-score__value--0\" fill=\"none\" stroke-width=\"6\" stroke-dashoffset=\"0\" stroke-miterlimit=\"10\" d=\"M40 40c8.3-8.3 8.3-21.7 0-30s-21.7-8.3-30 0 -8.3 21.7 0 30\"><\/path><text class=\"rating-score__number\" content=\"\" text-anchor=\"middle\" transform=\"matrix(1 0 0 1 25 31.0837)\" data-auto=\"app-user-score\"><\/text><\/svg>\r\n      <\/div>\r\n    <\/div>\r\n    <div class=\"sc-card-program__row\">\r\n      <span class=\"sc-card-program__description\"><\/span>\r\n    <\/div>\r\n    <div class=\"sc-card-program__row\">\r\n      <img decoding=\"async\" class=\"sc-card-program__bigpic\" src=\"\" onerror=\"this.style.display='none'\">\r\n    <\/div>\r\n    <a class=\"sc-card-program__link track-link sc-card-program-internal\" href=\"https:\/\/avast.softonic.com\/\" target=\"_self\" rel=\"noopener noreferrer\"><\/a>\r\n  <\/div>\r\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity researchers have discovered two malicious crates in Rust that masquerade as a legitimate library called fast_log, in order to steal Solana and Ethereum wallet keys from the source code. The crates, named faster_log and async_println, were published by a threat actor under the pseudonyms rustguruman and dumbnbased on May 25, 2025, achieving a total of 8,424 downloads, according to the software supply chain security company, Socket. Make sure you know what you are downloading These fraudulent crates include functional logging code as a cover and contain routines [&hellip;]<\/p>\n","protected":false},"author":9318,"featured_media":348673,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wpcf-pageviews":0},"categories":[1015],"tags":[5605,16559,5816,16560,3863,2387,3808,16561],"usertag":[],"vertical":[],"content-category":[7176],"class_list":["post-348672","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-ciberseguridad","tag-crates","tag-criptomonedas","tag-fast_log","tag-privacidad","tag-rust","tag-seguridad","tag-typosquatting","content-category-seguridad-privacidad"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/348672","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/users\/9318"}],"replies":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/comments?post=348672"}],"version-history":[{"count":2,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/348672\/revisions"}],"predecessor-version":[{"id":348681,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/348672\/revisions\/348681"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media\/348673"}],"wp:attachment":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media?parent=348672"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/categories?post=348672"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/tags?post=348672"},{"taxonomy":"usertag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/usertag?post=348672"},{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/vertical?post=348672"},{"taxonomy":"content-category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/content-category?post=348672"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}