SC Media - A malicious npm package, posing as a smart contract auditor, secretly installs the Quasar RAT malware, enabling remote access and data theft, exposing vulnerabilities in software supply chains

in blockchain •  6 months ago 

https://www.scworld.com/news/npm-package-poses-as-legit-ethereum-smart-contract-injects-quasar-rat
Screenshot_20250103-140927_Chrome.jpg

A malicious npm package disguised as a smart contract bug detector secretly installs the Quasar RAT malware, allowing attackers remote access and data theft.

This supply chain attack highlights the critical need for developers and organizations to meticulously verify the source and integrity of all software packages before installation.

Users should prioritize robust security practices, including monitoring network activity and implementing strong access controls, to mitigate the risk of similar attacks.

Screenshot_20211106-080453_DesignEvo.jpg

blockchain horror malicious npm smart-contract quasar rat malware
6 months ago by

Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

  • Disagreement on rewards
  • Fraud or plagiarism
  • Hate speech or trolling
  • Miscategorized content or spam

Submit
$7.46
  • Past Payouts $7.46
  • - Author $3.73
  • - Curators $3.73
51 votes
1
Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  
  • Trending
    • [-]
      ·  6 months ago 

    Upvoted! Thank you for supporting witness @jswit.

    Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

    • Disagreement on rewards
    • Fraud or plagiarism
    • Hate speech or trolling
    • Miscategorized content or spam

    Submit
    $0.00