In September 2024, the good name of crates.io was invoked and besmirched by a phishing attack that targeted the owners of many popular crates, much as other language ecosystems had been the target of attacks in the preceding couple of weeks.

This talk will go over how this all went down, what we did, and how a worldwide Rust Project <-> Rust Foundation <-> Alpha-Omega collaboration was crucial in its rapid mitigation.