North Korean hackers have turned one of the world's most widely used software repositories into a vector for malicious software, according to a US cyber security company. In a report published last week, researchers at supply chain security company Socket said they had found more than 300 malicious code packages uploaded to npm regedit, a central code repository where millions of developers share and install JavaScript software.
The packages - small, reusable snippets of code widely used in everything from websites to cryptocurrency applications - are designed to look innocuous. But once downloaded, they are implanted with malicious software capable of stealing passwords, browser data and cryptocurrency wallet keys. Socket said the attack, which it dubbed "Contagious Interview", was part of a sophisticated operation by North Korean state-backed hackers posing as tech recruiters to target developers in blockchain, Web3 and related fields.
North Korean hackers target cryptocurrency developers with open-source software platform
2025-10-15 23:51:30
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
Previous article:
朝鲜黑客通过开源软件平台瞄准加密货币开发者Next article:
Aave旗下Horizon RWA市场净存款已达2.5亿美元,创历史新高
