When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
According to the researchers, the attack started on August 12 this year.
Multiple malicious npm packages were uploaded, including temp-etherscan-api, and two versions of ethersscan-api.
OpenVPN-protokollet - därför är det så bra
Chances are, there are even more packages out there.
Sometimes, they would reach out via LinkedIn, and sometimes, via instant messaging platforms such asTelegram.
These packages deploy a piece of Pythonmalwarecalled InvisibleFerret, capable of exfiltrating sensitive data from cryptocurrency walletbrowserextensions.
Lazarus is one of the largest, most disruptive hacking collectives to come out of North Korea.
ViaThe Hacker News
