Cert2Connect

BIPClip Campaign Steals BIP39 Mnemonic Phrases

Researchers have uncovered a new malicious campaign involving seven different open-source packages across 19 versions on the Python Package Index  PyPI) with the earliest dating back to December 2022. The campaign dubbed BIPClip aims to steal mnemonic phrases used for recovering crypto wallets highlighting the ongoing targeting of cryptocurrency in supply chain attacks. This campaign demonstrates the lengths to which threat actors go to disguise their malicious activities utilizing tactics like malicious file dependencies and name squatting. Targets include developers involved in cryptocurrency wallet generation and security particularly those implementing Bitcoin Improvement Proposal 39 (BIP39) which simplifies wallet seed generation using mnemonic phrases for easier recall.
Overzicht

WILT U WETEN HOE DIT RISICO
UITGEBANNEN KAN WORDEN?

Wij helpen je graag. Indien gewenst geven we graag een presentatie of demo van onze oplossingsaanpak. Je vindt ons ook regelmatig op beurzen en events. Volg de evenementenpagina op deze site of meld je aan via de contactpagina voor onze nieuwsbrief.

Maak een afspraak