Supply Chain Attack Using Ethereum Smart Contracts to Distribute Multi-Platform Malware

NetmanageIT OpenCTI - opencti.netmanageit.com




SUMMARY :

A sophisticated supply chain attack has been discovered targeting the npm ecosystem. The malicious package 'jest-fet-mock' impersonates popular testing utilities and uses Ethereum smart contracts for command-and-control (C2) operations. This cross-platform malware affects Windows, Linux, and macOS, and executes during package installation via preinstall scripts. It performs info-stealing actions and establishes persistence across infected systems. The attack leverages blockchain technology for resilient C2 infrastructure, making it difficult to detect and take down. This approach represents a notable shift in supply chain attack methodologies, combining blockchain with traditional attack vectors. The campaign specifically targets development environments and CI/CD pipelines, posing a significant threat to software supply chains.

OPENCTI LABELS :

c2,blockchain,typosquatting,supply-chain,npm,multi-platform,development-tools,smart-contract,ethereum,jest-fet-mock
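
A defender-side check for the install-time execution described in the summary, as an added example that is not part of the original report: it flags install lifecycle scripts, the package name given in the report, and names within two edits of an expected dependency. The `EXPECTED` list and the sample manifests are constructed assumptions.

```javascript
'use strict';
// npm runs these lifecycle scripts automatically during `npm install`.
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall'];
// Package name taken from the report above.
const KNOWN_BAD = new Set(['jest-fet-mock']);
// Assumption: names your project legitimately depends on (constructed list).
const EXPECTED = ['jest-fetch-mock', 'jest', 'eslint'];

// Classic Levenshtein edit distance, used to spot near-miss package names.
function editDistance(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1,
        prev[j - 1] + (a[i - 1] === b[j - 1] ? 0 : 1));
    }
    prev = cur;
  }
  return prev[b.length];
}

// Return the findings for one parsed package.json object.
function auditManifest(manifest, expected = EXPECTED) {
  const findings = [];
  const name = String(manifest.name || '');
  if (KNOWN_BAD.has(name)) findings.push({ rule: 'known-bad-name', detail: name });
  for (const legit of expected) {
    const d = editDistance(name, legit);
    if (d > 0 && d <= 2) findings.push({ rule: 'lookalike-name', detail: `${name} ~ ${legit}` });
  }
  const scripts = manifest.scripts || {};
  for (const hook of INSTALL_HOOKS) {
    if (typeof scripts[hook] === 'string') {
      findings.push({ rule: 'install-hook', detail: `${hook}: ${scripts[hook]}` });
    }
  }
  return findings;
}

// Constructed sample manifests (not the contents of the real packages).
const SAMPLES = [
  { name: 'jest-fet-mock', version: '0.0.0', scripts: { preinstall: 'node index.js' } },
  { name: 'jest-fetch-mock', version: '0.0.0', scripts: { test: 'jest' } },
];
for (const m of SAMPLES) console.log(m.name, auditManifest(m));
```

Installing with `npm install --ignore-scripts` keeps these hooks from running at all, which is a useful default for CI/CD runners.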

