Malicious Code Discovered in ETHcode Update, Highlighting Open-Source Security Risks

A covert supply-chain attack targeted Ethereum developers after a GitHub pull request submitted by the pseudonymous user ‘Airez299’ implanted malicious code within an ETHcode update. The harmful payload was concealed within a newly proposed testing framework, exposing vulnerabilities in the widely used development tool.

Security researchers confirmed the code could compromise Ethereum contracts under development, though no active exploits have been observed to date. With ETHcode boasting approximately 6,000 installations, its automatic update feature heightened risks of widespread impact before the threat was neutralized.

This incident underscores escalating security concerns around open-source crypto infrastructure. It joins a pattern of similar breaches, including previous attacks on Ledger’s Connect Kit and Solana’s web3.js library, demonstrating recurring vulnerabilities in decentralized development ecosystems.

Security firm ReversingLabs recommends developers implement stringent protective measures, including sandboxed testing environments and rigorous code auditing protocols. The advisory emphasizes the critical need for enhanced vigilance and verification processes in open-source project maintenance to prevent future supply-chain compromises.
