The Solidity Language open-source package was used in a $500,000 crypto heist
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A blockchain developer in Russia lost $500,000 in crypto assets due to a malicious Solidity Language extension for Cursor AI IDE. The fake extension, downloaded 54,000 times, appeared higher in search results than the legitimate one due to ranking algorithms. It installed malware that allowed remote access and data theft. The attackers used ScreenConnect for remote control and deployed various scripts to steal wallet passphrases. A new malicious package was published shortly after the first was removed, with an inflated download count of 2 million. Similar attacks were found targeting blockchain developers through other extensions and npm packages. The incident highlights the ongoing threat of malicious open-source packages in the crypto industry.
OPENCTI LABELS :
open-source,blockchain,cryptocurrency,screenconnect,data theft,quasar,vmdetector,solidity,cursor ai
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
The Solidity Language open-source package was used in a $500,000 crypto heist