Malware Package
Package Type
NPM Module
Name
ethereum-cryptographyy
Versions
2.1.2
Package Author
@jackshanyeshuzi
Identified At
1691211600000
Added To Repository At
1691038800000
Removed From Repository At
1691125200000
Description
On Aug 3, 2023 Phylum’s automated risk detection platform alerted us to a series of suspicious publications on npm. The attacker eventually published final versions of two packages: a typosquat of a popular cryptocurrency library and a dependency that contained the malicious code buried deep in a large file
Identified Reports (1)
This malware package was identified on the following reports.
| Report | URL | Published At | Author | Description |
|---|---|---|---|---|
| Typosquat of popular Ethereum package on npm sends private keys to remote server | https://blog.phylum.io/typosquat-of-popular-ethereum-package-steals-private-keys/ | 1691211600000 | Phylum Research Team | On Aug 3, 2023 Phylum’s automated risk detection platform alerted us to a series of suspicious publications on npm. The attacker eventually published final versions of two packages: a typosquat of a popular cryptocurrency library and a dependency that contained the malicious code buried deep in a large file |
| Report | External URL | Published At | Author | Description |
Related Malware Packages (3)
The following malware packages were identified in the same report as this one.
| Package Type | Name | Attack Strategy | Package Author | Versions |
|---|---|---|---|---|
| NPM Module | @jackshanyeshuzi/curvess | @jackshanyeshuzi | 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.1.5, 1.1.6, 1.1.7, 1.1.8, 1.1.9 | |
| NPM Module | ethereum-cryptograph | @jackshanyeshuzi | 1.0.3 | |
| NPM Module | ethereum-cryptographyyy | @jackshanyeshuzi | 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.9 |