The files and directories targeted by the malicious code could potentially contain developers’ sensitive data. Researchers speculate the packages are part of a highly-targeted attack on developers working in the cryptocurrency sector.