An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to trick them into running cross-platform malware.
The attack is notable for utilizing Ethereum smart contracts for command-and-control (C2) server address distribution, according to independent findings from Checkmarx, Phylum, and Socket published over the past fewRead More
Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages [email protected] (The Hacker News)
by
Tags: