Malicious npm Packages Target Developers' Ethereum Wallets with SSH Backdoor

Malicious npm Packages Target Developers' Ethereum Wallets with SSH Backdoor

Briefly

The latest attack campaign unveils packages on npm designed to harvest Ethereum private keys by embedding malicious code, requiring developers to engage with the package for impact.

The Hacker Newshttps://thehackernews.com/2024/10/malicious-npm-packages-target.html

Phylum identified suspicious npm packages, notably ethers-mew, which not only steal Ethereum private keys but also enable attackers to gain SSH access by manipulating authorized_keys.

The Hacker Newshttps://thehackernews.com/2024/10/malicious-npm-packages-target.html