ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "Crypto client or cyber trap?"
Episode Synopsis
Karlo Zanki, Reverse Engineer at ReversingLabs, discussing their work on "Malicious PyPI crypto pay package aiocpa implants infostealer code." ReversingLabs' machine learning-based threat hunting system identified a malicious PyPI package, aiocpa, designed to exfiltrate cryptocurrency wallet information.
Unlike typical attacks involving typosquatting, the attackers published a seemingly legitimate crypto client tool to build trust before introducing malicious updates. ReversingLabs used its Spectra Assure platform to detect behavioral anomalies and worked with PyPI to remove the package, highlighting the growing need for advanced supply chain security tools to counter increasingly sophisticated threats.
The research can be found here:
Malicious PyPI crypto pay package aiocpa implants infostealer code
Learn more about your ad choices. Visit megaphone.fm/adchoices
Unlike typical attacks involving typosquatting, the attackers published a seemingly legitimate crypto client tool to build trust before introducing malicious updates. ReversingLabs used its Spectra Assure platform to detect behavioral anomalies and worked with PyPI to remove the package, highlighting the growing need for advanced supply chain security tools to counter increasingly sophisticated threats.
The research can be found here:
Malicious PyPI crypto pay package aiocpa implants infostealer code
Learn more about your ad choices. Visit megaphone.fm/adchoices
More episodes of the podcast Research Saturday
Excel-lerating cyberattacks.
27/12/2025
The lies that let AI run amok.
20/12/2025
Root access to the great firewall.
13/12/2025
When macOS gets frostbite.
06/12/2025
A new stealer hiding behind AI hype.
29/11/2025
Two RMMs walk into a phish…
22/11/2025
When clicks turn criminal.
15/11/2025
A fine pearl gone rusty.
08/11/2025
Attack of the automated ops.
01/11/2025
A look behind the lens.
25/10/2025
In God we trust