Cybersecurity researchers have uncovered a malicious Python package, set-utils, on the Python Package Index repository that targeted Ethereum developers by stealing private keys, according toThe Hacker News.The package, which was downloaded 1,077 times before removal, impersonated popular Python libraries such as python-utils and utils to deceive developers into installing it.Themalwarespecifically aimed at Python-based blockchain applications and wallet management tools, such as eth-account. Once installed, it secretly intercepted private keys when users generated new Ethereum wallets using functions like “from_key()” and “from_mnemonic()”.The stolen keys were encrypted using the attacker’s RSA public key and transmitted via blockchain transactions using the Polygon RPC endpoint to evade traditional network-based security monitoring. A background process facilitated this theft, further complicating detection.Security firm Socket warned that this technique could allow attackers to compromise wallets even after accounts were successfully created. Developers are advised to review dependencies carefully and monitor security advisories to prevent similar attacks.