top of page

Malicious Rust Crate Delivers OS-Specific Malware to Web3 Developer Systems

3 december 2025 om 08:39:00

thehackernews.com

Cybersecurity researchers discovered a malicious Rust package named 'evm-units' uploaded to crates.io that targets Windows, macOS, and Linux systems. The malware disguises itself as an Ethereum Virtual Machine (EVM) unit helper tool to target Web3 developers. The package was uploaded by a user named 'ablerust' in mid-April 2025 and contains OS-specific malware designed to execute stealthily on developer machines. This represents a supply chain attack targeting the Rust ecosystem and Web3 development community.

Related links:

https://thehackernews.com/2025/12/malicious-rust-crate-delivers-os.html

Related CVE's:

No CVEs found in this article

Related threat actors:

ABLERUST

Affected products:

Rust Cratescrates.io

IOC's:

evm-units

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page