PANews March 3rd: The GoPlus Chinese community on X platform issued a warning that North Korean hackers have released a set of 26 malicious packages on the npm registry. These packages all include an installation script (“install.js”) that automatically executes during installation, running malicious code located in “vendor/scrypt-js/version.js”. The malicious code downloads and executes a remote access Trojan (RAT) via the same malicious URL, enabling keylogging, clipboard theft, browser credential collection, TruffleHog secret scanning of Git repositories, and SSH key theft. This incident is linked to a North Korean hacking group called “Famous Chollima.”
Users and developers are advised to verify the source and security of packages before installation to avoid these 26 malicious packages and prevent privacy leaks or asset loss:
argonist@0.41.0
bcryptance@6.5.2
bee-quarl@2.1.2
bubble-core@6.26.2
corstoken@2.14.7
daytonjs@1.11.20
ether-lint@5.9.4
expressjs-lint@5.3.2
fastify-lint@5.8.0
formmiderable@3.5.7
hapi-lint@19.1.2
iosysredis@5.13.2
jslint-config@10.22.2
jsnwebapptoken@8.40.2
kafkajs-lint@2.21.3
loadash-lint@4.17.24
mqttoken@5.40.2
prism-lint@7.4.2
promanage@6.0.21
sequelization@6.40.2
typoriem@0.4.17
undicy-lint@7.23.1
uuindex@13.1.0
vitetest-lint@4.1.21
windowston@3.19.2
zoddle@4.4.2
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Fake Ledger App on Apple’s App Store Drains Musician’s 5.9 BTC Retirement Fund
A fake Ledger app on Apple's App Store deceived musician Garrett Dutton into losing 5.9 BTC by entering his seed phrase. This case highlights ongoing wallet scams and the exploitation of trust, as the stolen bitcoin was laundered through KuCoin.
CryptoNewsFlash17m ago
A CEX Faces Extortion and Refuses to Back Down: Affects About 2,000 Accounts, Customer Funds Are Not at Risk
A certain cryptocurrency exchange was extorted by a criminal organization, which claimed it would release internal system access videos. The exchange confirmed it had not suffered a systemic breach, that customer funds are safe, and that due to improper conduct by customer service personnel, data from approximately 2,000 accounts was accessed. The exchange has revoked the relevant permissions and strengthened security controls. The company is working with law enforcement agencies to investigate.
GateNews3h ago
Solana cofounder toly: a base-layer stablecoin should be built that can only be frozen with authorization from the court
Solana co-founder toly noted that the industry needs a stablecoin that can only be frozen under a court order, opposing other freeze factors. He suggested that the protocol issue a stablecoin with custom freeze strategies on the base layer and strengthen security measures. This view stems from a recent response by Circle to the Drift protocol hack incident, sparking discussions about centralized stablecoins.
GateNews3h ago
Attacker Mints 1B DOT, Dumps for $237K ETH
A security incident involving the ERC-20 version of Polkadot on Ethereum raised concerns, emphasizing the risks of wrapped and cross-chain assets. An attacker exploited a flaw to mint and dump 1 billion DOT tokens, causing a market collapse and highlighting vulnerabilities in smart contract management.
Coinfomania6h ago
Music Star G. Love Loses 5.9 Bitcoin in Shocking App Store Scam
_Musician G. Love loses 5.9 BTC in fake Ledger app scam, raising serious concerns about crypto security and user awareness worldwide._
A major crypto scam has affected Garrett Dutton, widely known as G. Love. The American singer lost 5.9 Bitcoin valued at almost 420,000. The loss occurred when he t
LiveBTCNews6h ago
Aave Faces a Major Trust Crisis: Service Providers Exit En Masse, with “Technology, Governance, and Risk Control” Fully Failing
Author: Jae, PANews
Compared with the external pressure of a bear market, Aave has instead seen a “black swan” emerge internally first.
Aave, which has long occupied the throne of lending agreements, is now facing the most severe ecosystem shake-up since its founding. There has been no hacker attack, no code vulnerabilities—only power gone out of control and conflicting interests.
From BGD Labs, a technical cornerstone, decisively leaving, to a public break between governance pioneer ACI (Aave Chan Initiative), and then to Chaos Labs, the risk-management steward, announcing that it is parting ways— a major “service provider retreat” is unfolding.
The depth of this game goes far beyond a mere cooperation dispute; it has triggered
区块客7h ago
