ETHSecurity Community

🔒 A new npm package poses as a vulnerability detector for Ethereum smart contracts but silently installs Quasar RAT—a remote access trojan that gives attackers: 
 
🖥️ Full control over your system  
🛡️ Persistence via Windows Registry tweaks  
📡 Command-and-Control connections to steal data  
 
🔗 Read the full analysis:

🔒 A new npm package poses as a vulnerability detector for Ethereum smart contracts but silently installs Quasar RAT—a remote access trojan that gives attackers: 
 
🖥️ Full control over your system  
🛡️ Persistence via Windows Registry tweaks  
📡 Command-and-Control connections to steal data  
 
🔗 Read the full analysis: https://thehackernews.com/2025/01/malicious-obfuscated-npm-package.html