ReversingLabs researchers uncovered two NPM packages that used Ethereum smart contracts to hide malicious URLs and bypass security scans.
Threat actors have found a new way to deliver malicious software, commands, and links inside Ethereum smart contracts to evade security scans as attacks using code repositories evolve.
Cybersecurity researchers at digital asset compliance firm ReversingLabs have found new pieces of open-source malware discovered on the Node Package Manager (NPM) package repository, a large collection of JavaScript packages and libraries.
The malware packages “employ a novel and creative technique for loading malware on compromised devices — smart contracts for the Ethereum blockchain,” ReversingLabs researcher Lucija Valentić said in a blog post on Wednesday.
You can get bonuses upto $100 FREE BONUS when you:
💰 Install these recommended apps:
💲 SocialGood - 100% Crypto Back on Everyday Shopping
💲 xPortal - The DeFi For The Next Billion
💲 CryptoTab Browser - Lightweight, fast, and ready to mine!
💰 Register on these recommended exchanges:
🟡 Binance🟡 Bitfinex🟡 Bitmart🟡 Bittrex🟡 Bitget
🟡 CoinEx🟡 Crypto.com🟡 Gate.io🟡 Huobi🟡 Kucoin.
Comments