Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages

Updated on November 5, 2024

An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to trick them into running cross-platform malware.
The attack is notable for utilizing Ethereum smart contracts for command-and-control (C2) server address distribution, according to independent findings from Checkmarx, Phylum, and Socket published over the past few…

Read the rest of the story at Read More

Source: The Hacker News

January 17, 2025 Uncategorized

Python-Based Bots Exploiting PHP Servers...

November 14, 2024 Uncategorized

5 BCDR Oversights That Leave You Exposed...

March 3, 2025 Uncategorized

Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages

Related posts

Python-Based Bots Exploiting PHP Servers...

5 BCDR Oversights That Leave You Exposed...

⚡ THN Weekly Recap: Alerts on Zero-Day...

Leave a Comment Cancel reply

Recent News

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines