Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders

Apr 15, 2025Ravie LakshmananSupply Chain Attack / Malware

Cybersecurity researchers have disclosed a malicious package uploaded to the Python Package Index (PyPI) repository that’s designed to reroute trading orders placed on the MEXC cryptocurrency exchange to a malicious server and steal tokens.

The package, ccxt-mexc-futures, purports to be an extension built on top of a popular Python library named ccxt (short for CryptoCurrency eXchange Trading), which is used to connect and trade with several cryptocurrency exchanges and facilitate payment processing services.

The malicious package is no longer available on PyPI, but statistics on pepy.tech shows that it has been downloaded at least 1,065 times.

“The authors of the malicious ccxt-mexc-futures package, claim in its README file that it extends the CCXT package to support ‘futures’ trade on MEXC,” JFrog researcher Guy Korolevski said in a report shared with The Hacker News.

However, a deeper examination of the library has revealed that it specifically overrides two APIs associated with the MEXC interface — contract_private_post_order_submit and contract_private_post_order_cancel — and introduces a new one named spot4_private_post_order_place.

In doing so, the idea is to trick developers into calling these API endpoints to create, cancel, or place a trading order on the MEXC exchange and stealthily perform malicious actions in the background.

The malicious modifications particularly target three different MEXC-related functions present in the original ccxt library, viz. ֵdescribe, sign, and prepare_request_headers.

This makes it possible to execute arbitrary code on the local machine on which the package is installed, effectively retrieving a JSON payload from a bogus domain impersonating MEXC (“v3.mexc.workers[.]dev”), which contains a configuration to direct the overridden APIs to a malicious third-party platform (“greentreeone[.]com”) as opposed to the actual MEXC website.

“The package creates entries in the API for MEXC integration, using an API that directs requests to the domain greentreeone[.]com, and not the MEXC site mexc.com,” Korolevski said.

“All requests are redirected to the domain set up by the attackers, allowing them to hijack all of the victim’s crypto tokens and sensitive information transferred in the request, including API keys and secrets.”

What’s more, the fraudulent package is engineered to send the MEXC API key and secret key to the attacker-controlled domain whenever a request is sent to create, cancel, or place an order.

Users who have installed ccxt-mexc-futures are recommended to revoke any potentially compromised tokens and remove the package with immediate effect.

The development comes as Socket revealed that threat actors are making use of counterfeit packages across npm, PyPI, Go, and Maven ecosystems to launch a reverse shell to maintain persistence and exfiltrate data.

“Unsuspecting developers or organizations might inadvertently be including vulnerabilities or malicious dependencies in their code base, which could allow for sensitive data or system sabotage if undetected,” the software supply chain security company said.

It also follows new research that delves into how large language models (LLMs) powering generative artificial intelligence (AI) tools could endanger the software supply chain by hallucinating non-existent packages and recommending them to developers.

The supply chain threat comes into play when malicious actors register and publish malware-laced packages with the hallucinated names to open-source repositories, infecting developer systems in the process – a technique referred to as slopsquatting.

The academic study found that “the average percentage of hallucinated packages is at least 5.2% for commercial models and 21.7% for open-source models, including a staggering 205,474 unique examples of hallucinated package names, further underscoring the severity and pervasiveness of this threat.”

Upgrade your audio game with the Logitech for Creators Blue Yeti USB Microphone. With over 33,730 ratings and an impressive 4.6 out of 5 stars, it’s no wonder this is an Amazon’s Choice product. Recently, 5K+ units were purchased in the past month.

Available in five stunning colors: Teal, Silver, Pink Dawn, Midnight Blue, and Blackout, this microphone is perfect for creators looking to produce exceptional audio. Priced at only $84.99, it’s a deal you can’t afford to miss.

Elevate your recordings with clear broadcast-quality sound and explore your creativity with enhanced effects, advanced modulation, and HD audio samples. Order now for just $84.99 on Amazon!

Help Power Techcratic’s Future – Scan To Support

If Techcratic’s content and insights have helped you, consider giving back by supporting the platform with crypto. Every contribution makes a difference, whether it’s for high-quality content, server maintenance, or future updates. Techcratic is constantly evolving, and your support helps drive that progress.

As a solo operator who wears all the hats, creating content, managing the tech, and running the site, your support allows me to stay focused on delivering valuable resources. Your support keeps everything running smoothly and enables me to continue creating the content you love. I’m deeply grateful for your support, it truly means the world to me! Thank you!