“Simple-looking code tapped Ethereum’s blockchain to fetch hidden URLs that directed compromised systems to download second-stage malware,” writes www.coindesk.com.
Researchers at ReversingLabs earlier this week uncovered two malicious NPM packages that used Ethereum smart contracts to conceal harmful code, allowing the malware to bypass
NPM is a package manager for the runtime environment Node.js and is considered the world’s largest software registry, where developers can access and share code.
The packages, “colortoolsv2” and “mimelib2,” were uploaded to the widely used Node Package Manager repository in July. They appeared to be simple utilities at first glance, but in practice, they tapped Ethereum’s blockchain to fetch hidden URLs that directed compromised systems to download second-stage malware.
By embedding these commands within a smart contract, attackers disguised their activity as legitimate blockchain traffic, making detection more difficult.
“This is something we haven’t seen previously,” ReversingLabs researcher Lucija Valentić said in their report. “It highlights the fast evolution of detection evasion strategies by malicious actors who are trolling open source repositories and developers.”
The technique builds on an old playbook. Past attacks have used trusted services like GitHub Gists, Google Drive, or OneDrive to host malicious links. By leveraging Ethereum smart contracts instead, attackers added a crypto-flavored twist to an already dangerous supply chain tactic.
The incident is part of a broader campaign. ReversingLabs discovered the packages tied to fake GitHub repositories that posed as cryptocurrency trading bots. These repos were padded with fabricated commits, bogus user accounts, and inflated star counts to look legitimate.
Developers who pulled the code risked importing malware without being aware of it.
Supply chain risks in open-source crypto tooling are not new. Last year, researchers flagged more than 20 malicious campaigns targeting developers through repositories such as NPM and PyPI.
Many were aimed at stealing wallet credentials or installing crypto miners. But the use of Ethereum smart contracts as a delivery mechanism shows adversaries are adapting quickly to blend into blockchain ecosystems.
A takeaway for developers is that popular commits or active maintainers can be faked, and even seemingly innocuous packages may carry hidden payloads.
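A defender-side triage sketch for the pattern described above, added here as an example and not taken from ReversingLabs' report or from the packages themselves: it flags a package when a smart-contract read, a fetch of a non-literal URL, and process execution all appear in its sources. The regexes, verdict strings, function names, and sample package contents are assumptions constructed for illustration.

```javascript
// Added example: heuristic triage of npm package sources (not ReversingLabs' tooling).
// Every pattern below is an assumption of this sketch, chosen for readability.
const SIGNALS = {
  chainRead: [/\beth_call\b/, /require\(\s*['"](ethers|web3)['"]\s*\)/, /\bnew\s+(\w+\.)*Contract\s*\(/],
  dynamicFetch: [/\b(fetch|https?\.get|axios\.get)\s*\(\s*[A-Za-z_$]/], // URL is a variable, not a literal
  execution: [/require\(\s*['"](node:)?child_process['"]\s*\)/, /\beval\s*\(/, /\bnew\s+Function\s*\(/],
};

// Lifecycle scripts run automatically on `npm install`, so they are worth reporting.
function installHooks(pkgJsonText) {
  let scripts = {};
  try { scripts = JSON.parse(pkgJsonText).scripts || {}; } catch (_) { /* unparsable manifest */ }
  return ['preinstall', 'install', 'postinstall'].filter((h) => typeof scripts[h] === 'string');
}

// files: { relativePath: sourceText }. Returns which files matched each signal and a verdict.
function scanPackage(files) {
  const hits = {};
  for (const [signal, patterns] of Object.entries(SIGNALS)) {
    hits[signal] = Object.entries(files)
      .filter(([name, text]) => /\.(c|m)?js$/.test(name) && patterns.some((re) => re.test(text)))
      .map(([name]) => name);
  }
  const chain = hits.chainRead.length > 0;
  const loader = hits.dynamicFetch.length > 0 && hits.execution.length > 0;
  // A chain read alone is ordinary web3 code; fetch + exec alone is a familiar loader shape.
  // Together they match the article's pattern: the download URL is resolved from a contract.
  const verdict = chain && loader ? 'review: on-chain indirection + loader'
    : loader ? 'review: loader' : 'no loader pattern';
  return { verdict, hits, hooks: installHooks(files['package.json'] || '{}') };
}

// Constructed inputs (not the real packages' code): a plain utility and a loader-shaped one.
const BENIGN = {
  'package.json': '{"name":"example-colors","version":"1.0.0"}',
  'index.js': "module.exports.hex = (n) => '#' + n.toString(16).padStart(6, '0');",
};
const SUSPECT = {
  'package.json': '{"name":"example-colors-v2","scripts":{"postinstall":"node index.js"}}',
  'index.js': [
    "const { ethers } = require('ethers');",
    "const cp = require('child_process');",
    "const contract = new ethers.Contract(ADDRESS, ABI, provider);",
    "contract.getString(OWNER).then((url) => fetch(url)).then(runSecondStage);",
  ].join('\n'),
};
console.log(scanPackage(BENIGN).verdict, '|', scanPackage(SUSPECT).verdict);
```

Regex triage like this misses obfuscated or bundled code and will flag some legitimate web3 tooling, so treat a hit as a reason for manual review rather than a conclusion.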