Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages

Nov 5, 2024

An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to trick them into running cross-platform malware.
The attack is notable for utilizing Ethereum smart contracts for command-and-control (C2) server address distribution, according to independent findings from Checkmarx, Phylum, and Socket published over the past few

Get Free Report & Network Analysis

Please check your email for the free report.