Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders
Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders
15 April 2025
Cybersecurity researchers have disclosed a malicious package uploaded to the Python Package Index (PyPI) repository that's designed to reroute trading orders placed on the MEXC cryptocurrency exchange to a malicious server and steal tokens.
The package, ccxt-mexc-futures, purports to be an extension built on top of a popular Python library named ccxt (short for CryptoCurrency eXchange Trading),