Malicious Pull Request Inserted Into Ethereum Code Extension: Research
2025-07-11 10:29:09

Main Idea
The article discusses a security breach involving malicious code in a GitHub repository related to Ethereum development, highlights the risks of unchecked open-source software, and mentions North Korean-linked malware targeting crypto professionals.
Key Points
1. A GitHub repository for ETHcode, an Ethereum development tool, was compromised with malicious code added by a user named Airez299, which went unnoticed by GitHub's AI reviewer and the ETHcode team.
2. The malicious code was obfuscated and designed to create an automated function, potentially affecting thousands of developers who installed the ETHcode extension.
3. Ethereum developer Zak Cole warns about the ease of inserting malicious code into open-source packages, citing past incidents like the Ledger Connect Kit exploit and Solana's web3.js library malware.
4. North Korean-affiliated hackers are using a Python-based remote access trojan called 'PylangGhost' to target crypto professionals through hiring scams.
5. The article also briefly mentions unrelated topics such as rescue drone deployments during floods, Japan's Minna Bank exploring stablecoins on Solana, and Bitcoin Alkanes as a potential innovation.
Description
Cybersecurity firm ReversingLabs uncovered two lines of malicious code in an update for ETHCode, an open source suite of tools.