SlowMist Warns of Widespread Malware Threat in Web3 and AI Projects

SlowMist, a leading blockchain security firm, has sounded the alarm on malicious software packages that threaten the integrity of crypto, DeFi, Solana, Sui, and AI projects.

The company's threat intelligence system, MistEye, has detected over 34 malicious packages and 384 versions published across popular developer package registries, including npm, PyPI, and crates.io.

These packages pose a significant risk to developers' systems and wallets, as they can steal sensitive data such as crypto wallet information, SSH keys, cloud credentials, GitHub and AWS tokens, browser data, environment variables, and developer secrets or private keys.