Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages [email protected] (The Hacker News)

An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to trick them into running cross-platform malware.
The attack is notable for utilizing Ethereum smart contracts for command-and-control (C2) server address distribution, according to independent findings from Checkmarx, Phylum, and Socket published over the past fewRead More 


Posted

in

by

Tags: