駭客利用以太坊智能合約隱藏惡意軟體,繞過安全檢測
Sep 04, 2025 12:04:52
Share to 
ChainCatcher 消息,据 ReversingLabs 研究人員披露,7 月發布的 NPM 包 "colortoolsv 2" 和 "mimelib 2" 利用以太坊智能合約隱藏惡意 URL,避免安全掃描。這些軟體包作為下載器運行,從智能合約中獲取命令與控制伺服器地址,再下載二階段惡意軟體,使區塊鏈流量看似合法,從而加大檢測難度。
研究指出,這是首次發現以太坊智能合約被用於托管惡意命令 URL,顯示攻擊者在開源倉庫中規避檢測的策略正快速演化。
Related Projects
Latest News
Data: If ETH falls below $4,106, the cumulative long liquidation intensity on major CEXs will reach $2.223 billion
Sep 09, 2025 02:03:29
Data: If BTC falls below $106,683, the cumulative long liquidation intensity on major CEXs will reach $2.554 billion
Sep 09, 2025 02:03:26
The stablecoin issuance protocol OneStable is officially launched
Sep 09, 2025 01:48:48
OpenSea will launch new features such as OS AI mobile, flagship series, and details of the SEA token will be announced in early October
Sep 09, 2025 01:23:54
Data: The current 8-hour average funding rate for ETH across the network is 0.0056%
Sep 09, 2025 00:17:07
