Malicious Obfuscated NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT

Updated on January 2, 2025

Cybersecurity researchers have discovered a malicious package on the npm package registry that masquerades as a library for detecting vulnerabilities in Ethereum smart contracts but, in reality, drops an open-source remote access trojan called Quasar RAT onto developer systems.
The heavily obfuscated package, named ethereumvulncontracthandler, was published to npm on December 18, 2024, by a user…

Read the rest of the story at Read More

Source: The Hacker News

September 4, 2024 Uncategorized

Hackers Hijack 22,000 Removed PyPI Packa...

October 7, 2024 Uncategorized

Critical Apache Avro SDK Flaw Allows Rem...

April 19, 2025 Uncategorized

Malicious Obfuscated NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT

Related posts

Hackers Hijack 22,000 Removed PyPI Packa...

Critical Apache Avro SDK Flaw Allows Rem...

ASUS Confirms Critical Flaw in AiCloud R...

Leave a Comment Cancel reply

Recent News

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines