Hackers are using Ethereum smart contracts to conceal malware payloads inside seemingly benign npm packages, a tactic that turns the blockchain into a resilient command channel and complicates takedowns. ReversingLabs detailed two npm packages, colortoolsv2 and mimelib2, that read a contract on Ethereum to fetch a URL for a second-stage downloader rather than hardcoding infrastructure
The post Ethereum smart contracts quietly push javascript malware targeting developers appeared first on CryptoSlate. CryptoSlate Read More
About The Author
