PT-2026-34700 · Crates.Io · Microsoftsystem64
Publicado
2026-04-13
·
Atualizado
2026-04-13
Nenhuma
Não há classificações de severidade ou métricas disponíveis. Quando houver, atualizaremos as informações correspondentes na página.
microsoftsystem64 installs a hardcoded SSH authorized keys entry (persistence/backdoor) and scans for sensitive files (.env, credential-like JSON names, keyword-matching docs), reads their contents, base64-encodes where needed, and exfiltrates everything to a remote server via HTTP. It also packages and uploads Telegram Desktop tdata, indicating targeted credential/session/data harvesting.The malicious crate had 9 versions published on 2026-04-09 that had a total of 6346 downloads. There were no crates depending on this crate on crates.io.
Thanks to Socket.dev and sitsh for detecting and reporting this to the crates.io team!
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Microsoftsystem64