A malicious Rust crate (package) named evm-units, aimed at stealing cryptocurrency from unsuspecting developers, has been pulled from the official public package registry for the Rust programming language, but not before having been downloaded 7257 times. Another package (uniswap-utils) by the same author appeared to be benign, but depends on evm-units and calls it in one of its files. That package has been removed as well, after having been downloaded 7441 times, the crates.io team … More →
