Security firm finds malicious software capable of stealing cryptocurrencies in Python Package Index
On October 12, researchers at cybersecurity company Checkmarx raised the alarm about dangerous malicious software uploaded to the Python Package Index (PyPI) that steals private keys. According to the company, the malicious software was automatically uploaded by suspicious users through several different packages designed to mimic the decoding applications of popular wallets such as MetaMask, Atomic, TronLink, Ronin, and other mainstream products in the industry. The malicious software is cleverly embedded into various parts of each package. Because it appears to be harmless code, it is essentially undetectable. On closer inspection, however, once an unsuspecting user invokes a specific function embedded in the software package, a specific part of the data allows hackers to take control of cryptocurrency wallets and transfer funds.