Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
@doctormckay/crypto
Advanced tools
McCrypto
As with everything in the @doctormckay namespace on npm, this is mostly for my own usage. If you want to use it that's fine, but don't expect any support. I'll respect semver so you don't need to worry about breaking changes if you pin your dependencies properly.
This is just a module that uses node's built-in crypto module. The idea is to make it easier to encrypt stuff
and store it on disk or send it over the wire securely.
See here for the supported ciphers.
Methods
isWellFormed(buffer)
buffer- ABufferobject
Returns true if the input buffer is a well-formed blob which can be decrypted by this module.
encrypt(cipher, key, data)
cipher- One of the Cipher constantskey- Either a string or aBuffercontaining your encryption keydata- Either a string (interpreted as UTF-8) or aBuffercontaining the plaintext you want to encrypt
Returns a Buffer containing the encrypted contents. The output should be interpreted as a black box, but for reference
here is the structure:
magic- A 2-byte magic valueflags- A 1-byte bitstring of flagscipher- A 1-byte value containing the cipher constant
All remaining data is left up to the specific cipher.
AES256CTRWithHMACivLength- A 1-byte value containing the length of the IViv- The randomly-generated binary IV (length given byivLength)ciphertext- The encrypted ciphertexthmac- The HMAC (20 bytes)
The key may be interpreted differently depending on the cipher.
AES256CTRWithHMAC- The key is hashed with SHA256 and the binary hash is used as the key
decrypt(key, data[, expectAuthentication])
key- Either a string or aBuffercontaining your encryption key (should match what was given to encrypt())data- ABuffercontaining your encrypted data (should be identical to what was returned by encrypt())expectAuthentication- Optional. Iftrue, this will throw anErrorif the data is not authenticated (e.g. with HMAC)
Decrypts a buffer and returns the plaintext. If you originally passed a string to encrypt(), this will return a
UTF-8 string. Otherwise, it will return a Buffer.
FAQs
An implementation of Node's crypto
We found that @doctormckay/crypto demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 15 Oct 2017
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025