Microsoft cybersecurity specialists have uncovered a new trojan designed to stealthily steal cryptocurrency wallet credentials, hidden within two compromised npm packages. The npm registry is a widely used free software list for JavaScript developers, and if a user accidentally installs the malicious code, it operates secretly on the computer to harvest sensitive information, including passwords and banking details.

Once installed, the malware is capable of logging keystrokes, capturing screenshots, and extracting other confidential data from digital asset holders. In a unique tactical shift, the attackers are utilizing Hugging Face, a popular platform for artificial intelligence projects, to transport the stolen information, thereby making the data transfer route significantly less suspicious and more dangerous for potential victims.

This discovery adds to a series of warnings issued by Microsoft to crypto investors regarding evolving cyber threats. Previously, the company reported that malicious actors were manipulating fake search results and interacting with AI bots to distribute counterfeit PC utilities, which ultimately installed malicious software designed to mine cryptocurrency using the victims' graphics processing units.

***

The material is prepared solely for informational purposes and does not constitute a financial advice or recommendation.