A whole host of crypto npm packages have been compromised

0 0 Tuesday, September 27, 2022

A number of npm packages published by a major cryptocurrency exchange have been compromised and updated to carry malicious code Decentrali...

A number of npm packages published by a major cryptocurrency exchange have been compromised and updated to carry malicious code

Decentralized cryptocurrency exchange (DEX) dydX tweeted its discovery of the compromise, and how it was acting to remedy the problem. 

“At 6:14AM EST, we identified malicious versions published to a number of dYdX NPM packages that were quickly removed,” its tweet read. “All funds are SAFE, our websites/apps have NOT been compromised, the attack did NOT impact smart contracts.”

Multiple packages spreading infostealers

Further explaining how user funds aren’t compromised, the company said: “Reminder that dYdX does not have custody of user funds, which are deposited directly to a smart contract on the blockchain.”

Cybersecurity researcher Maciej Mensfeld of security firm Mend and Difend.io, found that some packages contained code that would run information stealing malware when run. He found three packages that were hijacked to be used in identity theft attacks.

  • @dydxprotocol/solo - versions 0.41.1, 0.41.2
    @dydxprotocol/perpetual - versions 1.2.2, 1.2.3

Allegedly, the package '@dydxprotocol/node-service-base-dev' was also compromised, but that one has since been pulled from the platform. 

The packages are described as "Ethereum Smart Contracts and TypeScript library used for the dYdX Solo Trading Protocol." The solo package, the publication found, is used by at least 44 GitHub repositories, being built by “multiple crypto platforms.”

Read more

> A nasty new infostealer malware is landing in email inboxes

> A nasty new infostealer malware is landing in email inboxes

These are the best endpoint protection services around

Apparently, this is not the first time threat actors were trying to smuggle this identical malicious code into various packages. In fact, BleepingComputer claims to have seen code “strikingly identical” to this one in the malicious “PyGrata” Python packages that were stealing Amazon Web Services (AWS) credentials, environment variables, as well as SSH keys. 

Code repositories are often the targets of malicious actors who sometimes build malicious versions of popular repositories and give them similar names, in hopes of overworked/reckless developers unknowingly picking the wrong one.

Via: BleepingComputer



from TechRadar - All the latest technology news https://ift.tt/uyd4SOf
via IFTTT

Labels:

SHARE:

Twitter Facebook Google Pinterest

COMMENTS

BLOGGER
Surprise Gifts for Best Comments... Follow, Share & Comment!

(Also we do all types of Promotional Activities for your Products / Website or Company. You can instantly contact us by sending your details in the footer "Promotional Activities Form".)

Team TrendlyNews,
www.trendlynews.in
DISQUS
Name

Apps,3858,Business,151,Camera,1155,Earn $$$,3,Gadgets,1741,Games,926,GTA,1,Innovations,3,Mobile,1697,Paid Promotions,5,Promotions,5,Sports,1,Technology,8106,Trailers,796,Travel,37,Trending,4,Trendly News,25335,TrendlyNews,126,Video,5,XIAOMI,13,YouTube - 9to5Google,125,
ltr
item
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: A whole host of crypto npm packages have been compromised
A whole host of crypto npm packages have been compromised
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
http://www.trendlynews.in/2022/09/a-whole-host-of-crypto-npm-packages.html
http://www.trendlynews.in/
http://www.trendlynews.in/
http://www.trendlynews.in/2022/09/a-whole-host-of-crypto-npm-packages.html
true
3372890392287038985
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy