PANews reported on September 4th that according to research by digital asset compliance firm ReversingLabs, hackers have recently exploited Ethereum smart contracts to store malicious instructions and spread new malware through the Node Package Manager (NPM) repository. The "colortoolsv2" and "mimelib2" packages, released in July, query blockchain smart contracts to obtain the download address for the second-stage malware, evading traditional security scans. The attack was part of a larger social engineering scam. Hackers created a fake cryptocurrency trading bot repository on GitHub and projected a trustworthy image by fabricating commit records, maintaining accounts, and providing professional documentation. Researchers noted that while the North Korean hacker group Lazarus has used similar techniques before, this is the first time they've used smart contracts to host malicious URLs, demonstrating the continued evolution of their attack strategies.PANews reported on September 4th that according to research by digital asset compliance firm ReversingLabs, hackers have recently exploited Ethereum smart contracts to store malicious instructions and spread new malware through the Node Package Manager (NPM) repository. The "colortoolsv2" and "mimelib2" packages, released in July, query blockchain smart contracts to obtain the download address for the second-stage malware, evading traditional security scans. The attack was part of a larger social engineering scam. Hackers created a fake cryptocurrency trading bot repository on GitHub and projected a trustworthy image by fabricating commit records, maintaining accounts, and providing professional documentation. Researchers noted that while the North Korean hacker group Lazarus has used similar techniques before, this is the first time they've used smart contracts to host malicious URLs, demonstrating the continued evolution of their attack strategies.
Hackers Found New Way to Hide Malware in Ethereum Smart Contracts: Research
Per feedback o dubbi su questo contenuto, contattateci all'indirizzo crypto.news@mexc.com.
PANews reported on September 4th that according to research by digital asset compliance firm ReversingLabs, hackers have recently exploited Ethereum smart contracts to store malicious instructions and spread new malware through the Node Package Manager (NPM) repository. The "colortoolsv2" and "mimelib2" packages, released in July, query blockchain smart contracts to obtain the download address for the second-stage malware, evading traditional security scans.
The attack was part of a larger social engineering scam. Hackers created a fake cryptocurrency trading bot repository on GitHub and projected a trustworthy image by fabricating commit records, maintaining accounts, and providing professional documentation. Researchers noted that while the North Korean hacker group Lazarus has used similar techniques before, this is the first time they've used smart contracts to host malicious URLs, demonstrating the continued evolution of their attack strategies.
Opportunità di mercato
Valore NODE (NODE)
$0.01206
$0.01206$0.01206
USD
Grafico dei prezzi in tempo reale di NODE (NODE)
Disclaimer: gli articoli ripubblicati su questo sito provengono da piattaforme pubbliche e sono forniti esclusivamente a scopo informativo. Non riflettono necessariamente le opinioni di MEXC. Tutti i diritti rimangono agli autori originali. Se ritieni che un contenuto violi i diritti di terze parti, contatta crypto.news@mexc.com per la rimozione. MEXC non fornisce alcuna garanzia in merito all'accuratezza, completezza o tempestività del contenuto e non è responsabile per eventuali azioni intraprese sulla base delle informazioni fornite. Il contenuto non costituisce consulenza finanziaria, legale o professionale di altro tipo, né deve essere considerato una raccomandazione o un'approvazione da parte di MEXC.
Potrebbe anche piacerti
Spot CVD Chart Analysis: Decoding Critical Bitcoin Order Flow for April 10, 2025
BitcoinWorld Spot CVD Chart Analysis: Decoding Critical Bitcoin Order Flow for April 10, 2025 On April 10, 2025, at precisely 12:00 a.m. UTC, the Spot CVD chart
Condividi
bitcoinworld2026/04/10 08:30
Japan plans to release 20-days worth of oil stock from early May onwards
The post Japan plans to release 20-days worth of oil stock from early May onwards appeared on BitcoinEthereumNews.com. Japanese Prime Minister Sanae Takaichi said
Condividi
BitcoinEthereumNews2026/04/10 08:15
Nav3 Router: Convenient Navigation on Top of Jetpack Navigation 3
Jetpack Navigation 3 is a new Google navigation library that is fundamentally different from previous versions. The main idea of Nav3 is simple: you have a NavBackStack — a regular mutable list where each element represents a screen in your application.
Condividi
Hackernoon2025/09/17 20:00
