Malicious NPM Package Disguised as Ethereum Tool Discovered
/ 1 min read
🦠 Malicious NPM Package Disguised as Ethereum Tool Distributes Quasar RAT. Cybersecurity researchers have identified a harmful NPM package named “ethereumvulncontracthandler,” which masquerades as a vulnerability scanner but secretly installs Quasar RAT malware on developers’ systems. Published on December 18, 2024, by an alias, the package employs obfuscation techniques to evade detection and modifies Windows settings for persistence. Quasar RAT poses significant risks, including keystroke logging and credential theft, particularly threatening Ethereum developers who handle sensitive information. Experts urge strict vetting of third-party code and robust security measures to protect against such supply chain attacks, emphasizing the need for vigilance in monitoring dependencies and network activity.
