Security News > 2024 > November > Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages
2024-11-05 05:33
An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to trick them into running cross-platform malware. The attack is notable for utilizing Ethereum smart contracts for command-and-control (C2) server address distribution, according to independent findings from Checkmarx, Phylum, and Socket published over the past few
News URL
https://thehackernews.com/2024/11/malware-campaign-uses-ethereum-smart.html
Related news
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)
- Malicious Obfuscated NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT (source)
- Malicious npm packages target Ethereum developers' private keys (source)
- Cybercriminals Target Ethereum Developers with Fake Hardhat npm Packages (source)