SC Media - A malicious npm package, posing as a smart contract auditor, secretly installs the Quasar RAT malware, enabling remote access and data theft, exposing vulnerabilities in software supply chains

in #blockchain4 days ago

https://www.scworld.com/news/npm-package-poses-as-legit-ethereum-smart-contract-injects-quasar-rat
Screenshot_20250103-140927_Chrome.jpg

A malicious npm package disguised as a smart contract bug detector secretly installs the Quasar RAT malware, allowing attackers remote access and data theft.

This supply chain attack highlights the critical need for developers and organizations to meticulously verify the source and integrity of all software packages before installation.

Users should prioritize robust security practices, including monitoring network activity and implementing strong access controls, to mitigate the risk of similar attacks.

Screenshot_20211106-080453_DesignEvo.jpg

#horror #malicious #npm #smart-contract #quasar #rat #malware
4 days ago in #blockchain by
$6.79
  • Pending payout amount: $6.79
  • Breakdown:
        3.40 SBD,
        11.56 SP
  • Payout in 3 days
39 votes
Reply 1
Sort:  
  • Trending
    • [-]
     4 days ago 

    Upvoted! Thank you for supporting witness @jswit.

    $0.00
      Reply

      Coin Marketplace

      STEEM 0.30
      TRX 0.27
      JST 0.045
      BTC 101828.29
      ETH 3672.80
      SBD 2.56