Researchers #ReversingLabs discovered malicious packages in the #NodePackageManager repository — a package manager for JavaScript. They operate as simple loaders, but instead of directly downloading malicious links, they referred to Ethereum smart contracts, where the malware was embedded.
The attack has become part of a larger campaign using social engineering on GitHub, where attackers were active to gain trust. According to Reversing Labs, such methods were previously unseen, and the manipulations complicate detection since blockchain traffic appears legitimate.
The new attack vector shows the evolution of hacks — attackers are combining blockchain and social engineering to bypass traditional detection methods😲.
