Malicious Python packages target popular Bitcoin library

When it comes to the frequency and sophistication of software supply chain attacks, few industries can compare with cryptocurrency. As ReversingLabs' 2025 Software Supply Chain Security Report notes, 2024 saw close to two dozen sustained supply chain campaigns designed to compromise cryptocurrency applications, cryptocurrency owners’ wallets, and cryptocurrency trading platforms.

The trend continues in 2025. A string of malicious software supply chain campaigns has targeted developers working on crypto-related applications. The latest popped onto the RL research team's radar last week when automated machine-learning (ML) detection features in RL's Spectra platform identified two malicious Python packages, posted to the Python Package Index (PyPI), containing code designed to exfiltrate sensitive database files.

Here's how the crypto malware was discovered by the RL research team.

Download: 2025 Software Supply Chain Security ReportSee the SSCS Report Webinar

Popular Python crypto library targeted with a fake fix

The Python packages we found both had names that target users of bitcoinlib, a popular Python library that contains features for creating and managing crypto wallets, interacting with the blockchain, and running Bitcoin scripts, among other things. Bitcoinlib is a widely used open-source library, with more than 1 million downloads to date and frequent updates.

The malicious packages detected were named bitcoinlibdbfix and bitcoinlib-dev. Both names are apparent references to an issue raised recently related to error messages being generated by bitcoinlib during bitcoin transfers, with calls from developers for the maintainers to address that issue.

The malicious libraries both attempt a similar attack, overwriting the legitimate clw cli command with malicious code that attempts to exfiltrate sensitive database files.

The developers responsible for the scam libraries appear to have joined in a discussion with other bitcoinlib developers and attempted to get the bitcoinlibdbfix library downloaded and run. However, the malicious content of that library was detected by the package contributors and the comments were deleted.

The second malicious package, bitcoinlib-dev, was uploaded to PyPI shortly after the first package was removed from the package manager, but it has now been removed and is not available for download.

A big win for ML detection of supply chain attacks

While the threat remains on PyPI, ReversingLabs' detection of the malicious packages is evidence of the growing power of AI and ML in detecting emerging software supply chain attacks.

Both the bitcoinlibdbfix and bitcoinlib-dev packages were flagged in RL’s Spectra platform using ML algorithms that can detect novel malware by analyzing the behaviors that software components exhibit. It then flags those that resemble behaviors associated with previously discovered malware campaigns and software supply chain attacks.

By encapsulating threat hunting intelligence similar to discrete security policies such as these, Spectra is capable of spotting emerging threats in Python and other open-source packages — even absent social engineering campaigns such as the one carried out by the developers of the malicious bitcoinlib packages.

Automated detection like this is critical if software publishers and end-user organizations hope to shield themselves from the rising tide of software supply chain attacks targeting cryptocurrency.

Karlo Zanki, reverse engineer at ReversingLabs, said that using open-source packages in a development environment and software project "can pose a significant security risk.”

Automated ML detections are the only way to implement real-time protection from emerging threats that bypass traditional signature-based detection mechanisms. The number of new packages that get published on a daily basis is posing a challenge for security organizations, and ML model-based detection is currently the best answer that the security industry can provide.

Karlo Zanki