Hackers are exploiting Ethereum smart contracts to inject malware into popular NPM coding libraries, using packages to run ...

Two npm packages hide downloader commands via Ethereum smart contracts; uploaded July 2025; targeting crypto developers.

ReversingLabs' research identified the npm packages clortoolv2 and mimelib2, which used Ethereum smart contracts to hide ...

Ethereum smart contracts used to hide URL to secondary malware payloads in an attack chain triggered by a malicious GitHub ...

Hackers are using Ethereum smart contracts to conceal malware payloads inside seemingly benign npm packages, a tactic that ...

Security researchers found malware packages using the Ethereum blockchain to conceal malicious commands on GitHub repos.

Simple-looking code tapped Ethereum’s blockchain to fetch hidden URLs that directed compromised systems to download ...

ReversingLabs reveals hackers using Ethereum Smart contracts in NPM packages to conceal malware URLs, bypass scans, and ...

Ethereum smart contracts are being used to download malware via poisoned NPM packages, something Binance has linked to DPRK ...

In contrast, colortoolsv2 and mimelib2 leveraged Ethereum smart contracts to store and deliver the URLs used for fetching the ...