Perceptive Security
SOC/SIEM Consultancy

Socket found a Rust typosquat (finch-rust) that loads sha-rust to steal credentials, using impersonation and an unpinned dependency to auto-deliver updates.
Published:
5 December 2025 at 17:16:31
Alert date:
5 December 2025 at 18:01:16
Source:
socket.dev

Socket's Threat Research Team discovered two malicious Rust crates that use typosquatting to target developers. The primary malicious crate, 'finch-rust', mimics the legitimate 'finch' package and pulls in a hidden dependency, 'sha-rust', that steals credentials. The attack relies on impersonation and an unpinned dependency: because the version of 'sha-rust' is not pinned, any newer release the attacker publishes is resolved and delivered to victims automatically, without changing 'finch-rust' itself. This is a supply chain attack aimed specifically at the Rust ecosystem through manipulation of the package registry.
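A defender-side check for the two conditions the alert describes, unpinned version requirements and crate names that imitate a known crate, as an added example that is not part of the Socket write-up or this alert. The dependency table and the allowlist are constructed, and the lookalike heuristic only covers the '-rust'/'-rs' suffix pattern seen in 'finch-rust'.

```python
# Constructed for this example: a [dependencies] table as Cargo would parse it.
# Values are a version requirement string or a table with a "version" key.
SAMPLE_DEPS = {
    "finch-rust": "*",                 # hypothetical typosquat of "finch", any version
    "sha-rust": {"version": "0.1"},    # bare "0.1" means ^0.1, so 0.1.x updates auto-resolve
    "serde": {"version": "=1.0.210"},  # exact pin
    "tokio": "1.0",                    # ^1.0
}

# Constructed allowlist of crate names the project is expected to depend on, and
# suffixes commonly appended to imitate a real crate name (heuristic, not exhaustive).
KNOWN_CRATES = {"finch", "sha2", "serde", "tokio"}
SUFFIXES = ("-rust", "_rust", "-rs", "_rs")

def version_req(spec):
    """Return the version requirement from a Cargo dependency value."""
    if isinstance(spec, dict):
        return spec.get("version", "*")  # git/path deps without a version: anything goes
    return spec

def is_pinned(req):
    """Cargo reads a bare "1.2.3" as "^1.2.3"; only "=MAJOR.MINOR.PATCH" is exact."""
    req = req.strip()
    return req.startswith("=") and req[1:].count(".") >= 2 and "*" not in req

def lookalike(name, known):
    """Return the known crate a name imitates (finch -> finch-rust pattern), or None."""
    if name in known:
        return None
    base = name.replace("_", "-")
    for suf in SUFFIXES:
        if base.endswith(suf):
            base = base[: -len(suf)]
            break
    for crate in known:
        if base == crate.replace("_", "-"):
            return crate
    return None

def audit(deps, known=KNOWN_CRATES):
    """Return (crate, finding) pairs: unpinned requirements and lookalike names."""
    findings = []
    for name, spec in deps.items():
        req = version_req(spec)
        if not is_pinned(req):
            findings.append((name, f"unpinned requirement {req!r}: newer releases auto-resolve"))
        target = lookalike(name, known)
        if target:
            findings.append((name, f"name resembles known crate {target!r}: possible typosquat"))
    return findings
```

In practice the control is a committed Cargo.lock whose changes are reviewed on every `cargo update`, rather than `=` requirements everywhere; this script only makes the exposure visible.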
Technical details
Mitigation steps:
Affected products:
Rust
Cargo
finch-rust
sha-rust
Related links:
https://socket.dev/blog/malicious-crate-mimicking-finch-exfiltrates-credentials?utm_medium=feed
https://socket.dev/cargo/package/finch-rust/overview/0.6.2
Related CVEs:
Related threat actors:
IOCs:
finch-rust, sha-rust
This article was created with the assistance of AI technology by Perceptive.