Malicious Obfuscated NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT
Malicious Obfuscated NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT
02 January 2025
Cybersecurity researchers have discovered a malicious package on the npm package registry that masquerades as a library for detecting vulnerabilities in Ethereum smart contracts but, in reality, drops an open-source remote access trojan called Quasar RAT onto developer systems.
The heavily obfuscated package, named ethereumvulncontracthandler, was published to npm on December 18, 2024, by a user