VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

New wave of DPRK attacks: AI‑injected npm packages, fakes and RATs threaten Web3

Новая волна атак из КНДР: AI‑инжектированные npm‑пакеты, фейки и RAT угрожают Web3

Colleagues, take note: cybersecurity teams have uncovered a campaign using AI‑injected npm packages and fake companies.

- ReversingLabs links the PromptMink campaign to Famous Chollima: the @validate-sdk/v2 package steals secrets and crypto wallet access; the report cites a commit involving LLM Claude Opus.
- The attack leverages multi‑level dependencies, typosquatting and library substitution; RATs, SSH backdoors and Rust components are used to hide traces.
- Operators set up fake firms and tasks on GitHub/LinkedIn to trick developers into installing malicious dependencies.

Why it matters: a direct threat to the software supply chain and Web3 developer funds.

How are you protecting dependencies in your projects?

#cybersecurity #supplychain #npm #Web3

Latest comments

No comments yet.