Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages

November 5, 2024 at 01:45AM A campaign targeting npm developers employs hundreds of typosquat packages to install cross-platform malware, utilizing Ethereum smart contracts for command-and-control. This approach complicates detection and takedown efforts, highlighting vulnerabilities in the open-source ecosystem. The attacker may be Russian-speaking, emphasizing the need for developer vigilance when downloading packages. ### Meeting Takeaways … Read more

How to Use Python to Build Secure Blockchain Applications

June 27, 2024 at 06:28AM The text discusses building blockchain applications in native Python using AlgoKit for Algorand. It emphasizes the benefits of blockchain applications, Python’s suitability, setting up the development environment, and building secure applications using Python. It also provides insights into the smart contract development process and testing methods. For more information, visit … Read more

Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts

April 13, 2024 at 10:45AM Former security engineer Shakeeb Ahmed has received a three-year prison sentence in the U.S. for hacking two decentralized cryptocurrency exchanges and stealing over $12.3 million. He pleaded guilty to computer fraud and used specialized skills to execute the attacks. Ahmed also laundered the stolen funds but has been sentenced to … Read more

Crypto wallet providers urged to rethink security as criminals drain them of millions

March 19, 2024 at 10:35AM Information security researchers have observed a surge in cryptocurrency attacks, with a focus on exploiting Ethereum’s CREATE2 opcode, resulting in millions of dollars’ worth of assets being stolen from victims’ wallets. This vulnerability underscores the ongoing battle between innovation and security within the blockchain community and highlights the need for … Read more