<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Cryptominer on HackingPassion.com : root@HackingPassion.com-[~]</title><link>https://hackingpassion.com/tags/cryptominer/</link><description>Recent content in Cryptominer on HackingPassion.com : root@HackingPassion.com-[~]</description><generator>Hugo</generator><language>en</language><lastBuildDate>Thu, 22 Jan 2026 13:32:48 +0100</lastBuildDate><atom:link href="https://hackingpassion.com/tags/cryptominer/index.xml" rel="self" type="application/rss+xml"/><item><title>Fake SymPy Package Deploys Fileless Cryptominer on Linux Systems</title><link>https://hackingpassion.com/sympy-dev-malware/</link><pubDate>Thu, 22 Jan 2026 13:32:48 +0100</pubDate><guid>https://hackingpassion.com/sympy-dev-malware/</guid><description>&lt;p>A fake SymPy package deploys XMRig cryptominers on Linux machines. The malware hides inside polynomial functions. It only activates when you do math. Over 1,000 downloads on day one. Still live on PyPI. The real SymPy has 85 million downloads per month. That is the target size. 🧐&lt;/p>
&lt;p>Socket&amp;rsquo;s Threat Research Team found this on January 21, 2026. The attacker copied SymPy&amp;rsquo;s entire project description and branding, then uploaded it under a name that looks like a development build. Developers searching for SymPy or copy-pasting requirements might grab the wrong package without noticing.&lt;/p></description></item></channel></rss>