MAL-2024-7883 Malicious code in layout-utils.js (npm)

The package contains a preinstall hook to execute unhook.js, which has cryptocurrency stealing functionality...

MAL-2024-7886 Malicious code in safebs58.js (npm)

The package contains a preinstall hook to execute unhook.js, which has cryptocurrency stealing functionality. --- -= Per source details. Do not edit below this line.=-...

MAL-2024-7884 Malicious code in ndoe-fethc (npm)

The package contains a preinstall hook to execute unhook.js, which has cryptocurrency stealing functionality. --- -= Per source details. Do not edit below this line.=-...

Rogue NuGet Packages Infect .NET Developers with Crypto-Stealing Malware

The NuGet repository is the target of a new "sophisticated and highly-malicious attack" aiming to infect .NET developer systems with cryptocurrency stealer malware. The 13 rogue packages, which were downloaded more than 160,000 times over the past month, have since been taken down. "The packages...

Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware

Copycat websites for instant messaging apps like Telegram and WhatApp are being used to distribute trojanized versions and infect Android and Windows users with cryptocurrency clipper malware. "All of them are after victims' cryptocurrency funds, with several targeting cryptocurrency wallets," ES...

WeSteal: A Cryptocurrency-Stealing Tool That Does Just That

Some cybercriminals try, at least, to cover their dirty work with a threadbare “this will throw off the lawsuits” blanket of legitimacy. For example, phone-tracking tools that silently install and operate and which are supposedly meant for parents to legally watch out for their kids in actuality,...