Cybersecurity researchers have identified malicious npm packages that use Ethereum smart contracts to hide commands and deliver malware. These packages are part of a sophisticated campaign targeting developers, demonstrating evolving tactics to evade detection.
Key points
- Malicious npm packages leverage Ethereum smart contracts to conceal malicious URLs for payload delivery.
- The campaign involves a network of GitHub repositories that appear credible but distribute malware tools.
- Threat actors use a distribution-as-a-service model called Stargazers Ghost Network to promote malicious projects.
- The campaigns mainly target cryptocurrency developers, relying on deception and social engineering tactics.
- Developers are urged to thoroughly evaluate open source libraries and their maintainers before integrating them into projects.
Read More: https://thehackernews.com/2025/09/malicious-npm-packages-exploit-ethereum.html