Malicious Package Affecting bittenso-cli package, versions [0,]
Threat Intelligence
Snyk has reported that there have been attempts or successful attacks targeting this vulnerability.
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-PYTHON-BITTENSOCLI-12179373
- published25 Aug 2025
- disclosed25 Aug 2025
- creditMichael Henriksen
Introduced: 25 Aug 2025
New Malicious CVE NOT AVAILABLE CWE-506 (opens in a new tab)How to fix?
Avoid using all malicious instances of the bittenso-cli package.
Overview
bittenso-cli is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a typosquatting campaign targeting the Bittensor ecosystem. The goal of the attackers is to steal cryptocurrency from users' wallets.
The malicious packages mimic legitimate Bittensor libraries. When a user unknowingly installs one of these packages and attempts to stake their cryptocurrency, a modified function diverts the user's entire wallet balance to an address controlled by the attacker. The attack is designed to be stealthy, as it occurs during what appears to be a normal staking operation.