500k Crypto Heist Highlights Growing Threat of Malicious Open-Source Packages

2025-07-15
A Russian blockchain developer lost $500,000 in cryptocurrency due to a cyberattack. The attack originated from a fake Solidity language extension that ranked highly in the Open VSX registry, accumulating 54,000 downloads. This malicious extension downloaded and executed malicious code, ultimately installing ScreenConnect remote management software, enabling attackers to steal data. Attackers also released another malicious package named "solidity", mimicking the legitimate extension's name, with a staggering 2 million downloads. This incident underscores the growing threat of malicious open-source packages and how search ranking algorithms can be exploited.


GitVenom: Malicious Open Source Projects on GitHub Deliver Malware

2025-03-02
Researchers uncovered a malicious campaign, dubbed "GitVenom," where threat actors created hundreds of fake open-source projects on GitHub to deliver malware. These projects, disguised as legitimate tools like Instagram automation scripts, Telegram bots, and game cheats, featured polished README files and frequent commits to appear authentic. Malicious code was cleverly hidden within projects written in various languages (Python, JavaScript, C/C++, C#), ultimately downloading and executing further malicious components from an attacker-controlled GitHub repository. These components included information stealers, remote access Trojans, and clipboard hijackers. The campaign has been active for years, impacting users globally, highlighting the risks of blindly running third-party code.


SparkCat: Crypto-Stealing Malware Lurking in App Stores

2025-02-05
ESET researchers uncovered a cross-platform malware dubbed "SparkCat" hidden within apps on Google Play and the App Store, with over 242,000 downloads in total. The apps embed a malicious SDK that uses OCR to identify images of cryptocurrency wallet recovery phrases in users' photo galleries and sends them to a C2 server. Attackers employed a custom C2 communication protocol written in Rust, increasing analysis difficulty. The malware aims to steal cryptocurrency and uses multiple techniques to evade security measures.