Ethereum has become the latest front for software supply chain attacks.
Researchers at ReversingLabs earlier this week uncovered two malicious NPM packages that used Ethereum smart contracts to conceal harmful code, allowing the malware to bypass traditional security checks.
NPM is a package manager for the runtime environment Node.js and is considered the world’s largest software registry, where developers can access and share code that contributes to millions of software programs.
The packages, “colortoolsv2” and “mimelib2,” were uploaded to the widely used Node Package Manager repository in July. They appeared to be simple utilities at first glance, but in practice, they tapped Ethereum’s blockchain to fetch hidden URLs that directed compromised systems to download second-stage malwa
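As an added example, not tooling from ReversingLabs or the report, the following Python heuristic scans an unpacked npm package for the combination described above: an install-time script together with Ethereum contract reads and dynamic download or execution in the same file. The indicator patterns and the constructed sample package are assumptions, not indicators taken from the two packages.

```python
import json
import re
from pathlib import Path

INSTALL_HOOKS = ("preinstall", "install", "postinstall")
# Assumed indicators (not from the report): Ethereum client libraries and
# JSON-RPC methods that read data such as a string out of a contract ...
CHAIN_RE = re.compile(r"\bethers\b|\bweb3\b|eth_call|eth_getStorageAt|\bContract\(", re.I)
# ... and ways of fetching or executing something at run time.
STAGE2_RE = re.compile(r"\bfetch\(|\baxios\b|https?\.get\(|child_process|\bexecSync?\(|\beval\(|new Function\(", re.I)

def scan_package(pkg_dir):
    """Return (risk, findings) for an unpacked npm package directory."""
    pkg_dir = Path(pkg_dir)
    findings = []
    manifest = json.loads((pkg_dir / "package.json").read_text())
    hooks = [h for h in INSTALL_HOOKS if h in manifest.get("scripts", {})]
    if hooks:
        findings.append("install hook(s): " + ", ".join(hooks))
    chain_hits = False
    for js in sorted(pkg_dir.rglob("*.js")):
        src = js.read_text(errors="ignore")
        # Flag only files that both talk to a contract and pull/run something dynamically
        if CHAIN_RE.search(src) and STAGE2_RE.search(src):
            chain_hits = True
            findings.append(f"{js.relative_to(pkg_dir)}: contract read combined with dynamic download/exec")
    if hooks and chain_hits:
        risk = "high"      # runs at install time and takes its next step from the chain
    elif findings:
        risk = "review"
    else:
        risk = "none"
    return risk, findings

def build_sample(root):
    """Write a constructed package mimicking the reported shape (placeholder address, no real payload)."""
    root = Path(root)
    root.mkdir(parents=True, exist_ok=True)
    (root / "package.json").write_text(json.dumps({"name": "sample-utils", "version": "1.0.0",
                                                  "scripts": {"postinstall": "node index.js"}}))
    (root / "index.js").write_text(
        "const { ethers } = require('ethers');\n"
        "const { execSync } = require('child_process');\n"
        "// constructed stand-in: a value read from a contract drives what runs next\n"
        "const c = new ethers.Contract('0x<placeholder>', [], provider);\n"
        "c.read().then(handle);\n")
    return root
```

Run `scan_package` over each dependency directory after `npm pack` or in CI; a "high" result is a reason to hold the package for manual review, not proof of malice.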