Hackers Use Ethereum Smart Contracts to Hide Malware Inside NPM

ReversingLabs researchers have found a new kind of supply-chain malware campaign that uses Ethereum smart contracts to hide malicious payload URLs so that it can slip past normal security scans. The attackers published two trojanized NPM packages, colortoolsv2 and mimelib2, which they passed off as Solana and Hyperliquid trading bots on GitHub. Once installed, these packages query certain Ethereum smart contracts on-chain to collect command-and-control server information for second-stage malware. The operation, which is linked to Stargazer’s Ghost Network, relies on fake GitHub accounts, inflated stars, automated commits and changing dependencies in new repositories to hide from detection. This exploitation of smart contract functions is a major risk for blockchain-based supply chains and NPM package security; it shows the need to vet open-source libraries properly, monitor GitHub metrics continuously and improve blockchain security.
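
The behaviour described above, an installed package reading a smart contract to obtain the location of a second stage, can be triaged statically before a dependency is accepted. The following is an added example, not code from ReversingLabs or the original article; the regex patterns, function names and sample files are constructed assumptions.

```javascript
// Added example: static triage of npm package sources. Patterns, names and
// sample files are constructed assumptions, not taken from the report.
const SIGNALS = {
  chainRead: /\beth_call\b|\bJsonRpcProvider\b|\bnew\s+(?:\w+\.)?Contract\s*\(/,
  contractAddress: /["'`]0x[0-9a-fA-F]{40}["'`]/,
  remoteFetch: /\bfetch\s*\(|\bhttps?\.(?:get|request)\s*\(|\baxios\b/,
  codeExec: /\bchild_process\b|\beval\s*\(|\bnew\s+Function\s*\(/,
};

// files: { "relative/path.js": "source text" }
function scanPackage(files) {
  const hits = {};
  for (const [path, src] of Object.entries(files)) {
    for (const [name, re] of Object.entries(SIGNALS)) {
      if (re.test(src)) (hits[name] = hits[name] || []).push(path);
    }
  }
  // A hard-coded contract read alone is normal for a trading bot. The read
  // combined with fetch-and-run anywhere in the package warrants manual review.
  const onChain = Boolean(hits.chainRead && hits.contractAddress);
  const stager = Boolean(hits.remoteFetch && hits.codeExec);
  return { verdict: onChain && stager ? "review" : "ok", hits };
}

// Constructed, non-functional fragments used only as scanner input.
const SAMPLE_SUSPICIOUS = {
  "index.js": [
    'const c = new ethers.Contract("0x' + "ab".repeat(20) + '", abi, provider);',
    "const url = await c.getString(); // hypothetical getter",
    "const res = await fetch(url);",
    'require("child_process"); /* ... */',
  ].join("\n"),
};
const SAMPLE_BENIGN = {
  "index.js": 'const c = new Contract("0x' + "12".repeat(20) + '", abi, provider);',
  "lib/balance.js": "module.exports = (c, owner) => c.balanceOf(owner);",
};

console.log(scanPackage(SAMPLE_SUSPICIOUS).verdict);
console.log(scanPackage(SAMPLE_BENIGN).verdict);
```

Regex triage of this kind misses obfuscated or dynamically assembled code, so an "ok" verdict is not a clearance.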
Bearish
This campaign, which misuses Ethereum smart contracts to hide malware URLs, could cause serious security trouble that erodes the trust of developers and investors. In the short term, traders may be wary of holding ETH, which would make the market unstable while projects and users check their security. In the long term, better security and proper library vetting could reduce the risk, but for now sentiment is slightly bearish for the Ethereum price.