Tag: crypto

3 Attack Reports | 0 Vulnerabilities

Attack reports

A new playground: Malicious campaigns proliferate from VSCode to npm

This intelligence details the emergence of malicious campaigns spreading from VSCode to npm. Researchers observed an increasing amount of malicious activity in VSCode Marketplace, with threat actors using npm packages to inject malicious code into VSCode IDE. The campaign initially targeted the cry…
obfuscation
npm
downloader
crypto
software supply chain
2024-12-19
zoom
malicious extensions
vscode
Published: December 19, 2024
Downloadable IOCs: 2

Python Crypto Library Updated to Steal Private Keys

Phylum's automated risk detection platform discovered that the PyPI package aiocpa was updated to include malicious code that steals private keys by exfiltrating them through Telegram when users initialize the crypto library.
pypi
telegram
crypto
2024-11-26
aiocpa
Published: November 26, 2024
Downloadable IOCs: 4

LummaC2 Malware and Malicious Chrome Extension Delivered

In August 2024, eSentire's Threat Response Unit observed a sophisticated attack involving LummaC2 stealer malware and a malicious Google Chrome browser extension. The attack leveraged DLL side-loading to execute a loader delivering the malware and a PowerShell script that installed the extension. T…
malware
lummac2
stealer
credentials
browser
2024-09-09
crypto
remote
extension
control
Published: September 9, 2024
Downloadable IOCs: 7
Click here to see more Attack Reports