Ethereum Developers May Face Risks from Malicious Code Found in ETHcode Open Source Update
2025-07-11 10:44:36
Main Idea
Malicious code was discovered in an ETHcode update, posing security risks to Ethereum developers and highlighting vulnerabilities in open-source crypto projects.
Key Points
1. A GitHub pull request by an unknown user (Airez299) introduced malicious code into ETHcode, masked by a new testing framework.
2. The malicious code could potentially compromise Ethereum contracts under development, though no exploits have been reported yet.
3. ETHcode has approximately 6,000 installations, and its automatic update mechanism increases the risk of widespread impact.
4. Open-source vulnerabilities in crypto projects are a growing concern, with past incidents like the Ledger Connect Kit breach and Solana’s web3.js library malware.
5. ReversingLabs recommends developers adopt rigorous security practices, including sandboxing and strict protocols, to mitigate risks.
Description
Cybersecurity researchers have uncovered malicious code embedded in a recent update to ETHcode, a widely used open source toolset for Ethereum developers. The hidden code was inserted via a GitHub
Latest News
- BlackRock’s Bitcoin ETF Could Become Fastest Growing with $80 Billion in Assets Within a Year2025-07-11 15:35:36
- Bitcoin Dominance Declines as Market Conditions Suggest Potential Altcoin Cycle in 20252025-07-11 15:34:40
- Bank of America Lists Bitcoin Among Top Currencies, Suggesting Growing Institutional Recognition2025-07-11 15:19:26
- Dubai’s Ethereum-Based Real Estate Tokenization Framework Could Expand Global Retail Investment Opportunities2025-07-11 15:19:10
- Solana’s Pump.fun Token Launch Approaches Amid Market Share Shifts and Valuation Uncertainties2025-07-11 15:18:54