Bitprismia

Malicious Pull Request Inserted Into Ethereum Code Extension: Research

2025-07-11 10:29:09

Main Idea

The article discusses a security breach involving malicious code in a GitHub repository related to Ethereum development, highlights the risks of unchecked open-source software, and mentions North Korean-linked malware targeting crypto professionals.

Key Points

1. A GitHub repository for ETHcode, an Ethereum development tool, was compromised with malicious code added by a user named Airez299, which went unnoticed by GitHub's AI reviewer and the ETHcode team.

2. The malicious code was obfuscated and designed to create an automated function, potentially affecting thousands of developers who installed the ETHcode extension.

3. Ethereum developer Zak Cole warns about the ease of inserting malicious code into open-source packages, citing past incidents like the Ledger Connect Kit exploit and Solana's web3.js library malware.

4. North Korean-affiliated hackers are using a Python-based remote access trojan called 'PylangGhost' to target crypto professionals through hiring scams.

5. The article also briefly mentions unrelated topics such as rescue drone deployments during floods, Japan's Minna Bank exploring stablecoins on Solana, and Bitcoin Alkanes as a potential innovation.

Description

Cybersecurity firm ReversingLabs uncovered two lines of malicious code in an update for ETHCode, an open-source suite of tools.

Tags:
Technology