Lazarus Group Targets Software Developers with New Marstech1 Malware


Emerging Threat to the Developer Community

The North Korean state-sponsored hacking collective, known as the Lazarus Group, has launched a new wave of cyberattacks targeting software developers globally. This campaign, dubbed Operation Marstech Mayhem, leverages open-source repositories and supply chains to distribute advanced malware, posing a significant threat to the global developer community and cryptocurrency ecosystems.

Details of the Attack: Marstech1 Implant

The attack centers around a new implant named Marstech1, which is embedded into GitHub repositories and NPM packages. These repositories are disguised as legitimate projects to lure unsuspecting…


Malicious npm Packages Exploit Gmail SMTP to Steal Solana Wallet Keys


Cybersecurity researchers have uncovered a series of malicious npm packages designed to exfiltrate Solana private keys by exploiting Gmail’s SMTP service. These packages, including @async-mutex/mutex, dexscreener, solana-transaction-toolkit, and solana-stable-web-huks, masquerade as legitimate tools but contain hidden scripts that intercept and transmit private keys to attacker-controlled Gmail accounts.

Attack Methodology

The attackers employ typosquatting techniques, creating packages with names similar to popular libraries to deceive developers into installing them. Once integrated, these packages capture private keys during wallet interactions and use Gmail’s SMTP server to send the stolen data to the…
