bittenso
bittenso is identified in the SafeDep analysis "Multiple Malicious Python Packages Targeting Bittensor Crypto Developers". Multiple malicious Python packages targeting crypto developers and their applications using typosquatting were discovered on PyPI. The packages were used to steal funds by executing a stealthy staking operation.
discovered 2025-08-12
Threat types
credential_stealerdata_exfiltrationratpersistencecrypto_drainertyposquat
Malicious versions
- 9.9.5
Campaigns
Techniques
- ttpT1195.001 Supply Chain Compromise: Compromise Software Dependencies and Development Toolsuses
- ttpT1059.006 Command and Scripting Interpreter: Pythonuses
- ttpT1036 Masquerading: package impersonation and typosquattinguses
- ttpT1552.001 Unsecured Credentials: Credentials In Filesuses
- ttpT1041 Exfiltration Over C2 Channeluses
- ttpT1552.004 Unsecured Credentials: Private Keysuses
- ttpT1105 Ingress Tool Transferuses
- ttpT1071.001 Application Layer Protocol: Web Protocolsuses
- ttpT1071.004 Application Layer Protocol: DNSuses
- ttpT1546 Event Triggered Executionuses
