NPM supply chain attack uses Ethereum blockchain

Photo of a chain illustrating the discovery of a malware campaign that takes advantage of the npm packages ecosystem for a software supply chain attack and uses the Ethereum blockchain for resilience against cyber security detection and mitigation strategies.

Checkmarx researchers have detected a unique supply chain attack within the NPM ecosystem that uses the Ethereum blockchain.

The malicious package, dubbed "jest-fet-mock," targets developers with a multi-platform malware employing Ethereum smart contracts for command-and-control (C2) operations. This marks a convergence of blockchain technology with traditional attack vectors—a method not yet observed in NPM packages. 

Attack mechanics and distribution

The...

4 November 2024 | Blockchain

PyPI suspends registrations amid malware attack

The Python Package Index (PyPI) has suspended new project creation and user registration to mitigate an ongoing malware upload campaign. This move comes as security researchers at Checkmarx uncovered a campaign involving multiple malicious packages related to the same threat actors.

The attackers are targeting victims through typosquatting attacks, tricking users into installing malicious Python packages through their command-line interface. This multi-stage attack aims to steal...

28 March 2024 | Developer