Reason to trust
Strict editorial policy that focuses on accuracy, relevance, and impartiality
Created by industry experts and meticulously reviewed
The highest standards in reporting and publishing
How Our News is Made
Strict editorial policy that focuses on accuracy, relevance, and impartiality
Ad discliamer
Morbi pretium leo et nisl aliquam mollis. Quisque arcu lorem, ultricies quis pellentesque nec, ullamcorper eu odio.
Malware operations targeting holders of Ethereum, XRP, and Solana cryptocurrencies have been exposed by cybersecurity researchers. The threat attacks Atomic and Exodus wallet owners by using compromised software packages installed by developers unaware of the malware contained in the code.
The malware, upon execution, is able to send cryptocurrency to thief-held addresses with no indication on the wallet owner.
How The Attack Works
Researchers say the attack starts when developers unwittingly include hacked node package manager (NPM) packages in their projects. One such package named “pdf-to-office” appears genuine on the surface but conceals malicious code within.
The package searches computers for installed crypto wallets and then injects code that intercepts transactions. This enables criminals to steal money without the user’s awareness or permission.
Multiple Cryptocurrencies At Risk
Security researchers have concluded that the malware can divert transactions on multiple of the world’s leading cryptocurrencies. They include Ethereum, USDT, XRP and Solana. The attack is what researchers identify as “an escalation in the ongoing targeting of cryptocurrency users through software supply chain attacks.”
Technical Details Reveal Sophisticated Methods
ReversingLabs discovered the campaign by scanning for suspicious NPM packages. Their analysis revealed several warning signs such as suspicious URL associations and code structures matching well-known threats.
The attack employs sophisticated techniques for evasion from security tools and is multi-stage in nature. The infection begins when the malware package executes its code aimed at wallet software on the target’s machine. It specifically looks for application files in some of the predetermined paths before injecting its malicious code.
No Visual User Warning Signs
According to reports, this malware’s effect can be catastrophic since transactions appear absolutely normal on the wallet interface. The code substitutes valid recipient addresses with attacker-controlled addresses through base64 encoding.
For instance, when a user attempts to send ETH, the malware substitutes the recipient address with the attacker’s address, which is concealed in encoded form. Users have no visual clue that anything is wrong until they check the blockchain record afterward and discover their money went to an unexpected address.
The security threat indicates increased harm to cryptocurrency owners who might not be aware their transactions are compromised until funds go missing. The modus operandi of the attack is evidence of how hackers keep coming up with new methods of pilfering digital assets.
Cryptocurrency users should be extremely cautious when verifying all transaction addresses. Developers are also advised to double-check the security of any packages they install on cryptocurrency-related projects.
Featured image from Enterprise Networking Planet, chart from TradingView
They say journalists never truly clock out. But for Christian, that’s not just a metaphor, it’s a lifestyle. By day, he navigates the ever-shifting tides of the cryptocurrency market, wielding words like a seasoned editor and crafting articles that decipher the jargon for the masses. When the PC goes on hibernate mode, however, his pursuits take a more mechanical (and sometimes philosophical) turn.
Christian’s journey with the written word began long before the age of Bitcoin. In the hallowed halls of academia, he honed his craft as a feature writer for his college paper. This early love for storytelling paved the way for a successful stint as an editor at a data engineering firm, where his first-month essay win funded a months-long supply of doggie and kitty treats – a testament to his dedication to his furry companions (more on that later).
Christian then roamed the world of journalism, working at newspapers in Canada and even South Korea. He finally settled down at a local news giant in his hometown in the Philippines for a decade, becoming a total news junkie. But then, something new caught his eye: cryptocurrency. It was like a treasure hunt mixed with storytelling – right up his alley!
So, he landed a killer gig at NewsBTC, where he’s one of the go-to guys for all things crypto. He breaks down this confusing stuff into bite-sized pieces, making it easy for anyone to understand (he salutes his management team for teaching him this skill).
Think Christian’s all work and no play? Not a chance! When he’s not at his computer, you’ll find him indulging his passion for motorbikes. A true gearhead, Christian loves tinkering with his bike and savoring the joy of the open road on his 320-cc Yamaha R3. Once a speed demon who hit 120mph (a feat he vowed never to repeat), he now prefers leisurely rides along the coast, enjoying the wind in his thinning hair.
Speaking of chill, Christian’s got a crew of furry friends waiting for him at home. Two cats and a dog. He swears cats are way smarter than dogs (sorry, Grizzly), but he adores them all anyway. Apparently, watching his pets just chillin’ helps him analyze and write meticulously formatted articles even better.
Here’s the thing about this guy: He works a lot, but he keeps himself fueled by enough coffee to make it through the day – and some seriously delicious (Filipino) food. He says a delectable meal is the secret ingredient to a killer article. And after a long day of crypto crusading, he unwinds with some rum (mixed with milk) while watching slapstick movies.
Looking ahead, Christian sees a bright future with NewsBTC. He says he sees himself privileged to be part of an awesome organization, sharing his expertise and passion with a community he values, and fellow editors – and bosses – he deeply respects.
So, the next time you tread into the world of cryptocurrency, remember the man behind the words – the crypto crusader, the grease monkey, and the feline philosopher, all rolled into one.
Disclaimer: The information found on NewsBTC is for educational purposes only. It does not represent the opinions of NewsBTC on whether to buy, sell or hold any investments and naturally investing carries risks. You are advised to conduct your own research before making any investment decisions. Use information provided on this website entirely at your own risk.
