Ethereum contracts push malware on npm
RL discovered how the crypto contracts were abused — and how this incident is tied to a larger campaign to promote malicious packages on top repositories.
Read More about Ethereum contracts push malware on npmLucija Valentić
Software Threat Researcher, ReversingLabs. Lucija works on the TitaniumCore Team.
Posts from Lucija Valentić
Ethereum contracts push malware on npm
Threat actors claim VS Code extension names
RL has discovered a loophole on VS Code Marketplace that allows threat actors to reuse legitimate, removed package names for malicious purposes.
Read More about Threat actors claim VS Code extension names
Atomic and Exodus crypto wallets targeted in malicious npm campaign
RL researchers have identified yet another npm package that uses malicious patching of local software to hijack cryptocurrency transfers.
Read More about Atomic and Exodus crypto wallets targeted in malicious npm campaign
Malware found on npm infecting local package with reverse shell
For the first time, RL researchers discover malicious locally-installed npm packages infecting other legitimate packages.
Read More about Malware found on npm infecting local package with reverse shell
A new playground: Malicious campaigns proliferate from VSCode to npm
To avoid compromised packages being introduced as a dependency in a larger project, security teams need to keep an eye peeled for such malicious code.
Read More about A new playground: Malicious campaigns proliferate from VSCode to npm
Differential analysis raises red flags over @lottiefiles/lottie-player
Three versions of the popular package were infected and used to spread malicious code that was stealing crypto wallet assets.
Read More about Differential analysis raises red flags over @lottiefiles/lottie-player
Malicious npm package targets AWS users
The history of the package is a lesson in why tracking open source threats is such a challenge — and highlights the value of RL's new Spectra Assure Community.
Read More about Malicious npm package targets AWS users
Malicious helpers: VS Code Extensions observed stealing sensitive information
Two newly discovered extensions on the VS Code Marketplace are designed to steal sensitive information, showing that open source attacks are expanding.
Read More about Malicious helpers: VS Code Extensions observed stealing sensitive information
GitGot: GitHub leveraged by cybercriminals to store stolen data
ReversingLabs researchers found two suspicious npm packages that demonstrate how GitHub is increasingly being used to easily deploy malware in novel ways.
Read More about GitGot: GitHub leveraged by cybercriminals to store stolen data