Security News > 2025 > January > Malicious Obfuscated NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT

Cybersecurity researchers have discovered a malicious package on the npm package registry that masquerades as a library for detecting vulnerabilities in Ethereum smart contracts but, in reality, drops an open-source remote access trojan called Quasar RAT onto developer systems. The heavily obfuscated package, named ethereumvulncontracthandler, was published to npm on December 18, 2024, by a user

News URL

https://thehackernews.com/2025/01/malicious-obfuscated-npm-package.html