• About Us
  • Careers
  • Contact
No Result
View All Result
Thursday, September 4, 2025
DeFi Planet
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Market Analysis
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverse
    • Glossary
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Market Analysis
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverse
    • Glossary
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer
No Result
View All Result
DeFi Planet
No Result
View All Result
Home News Crime

Hackers Hide Malware in Ethereum Smart Contracts to Evade Detection

4 September 2025
in Crime
Reading Time: 3 mins read
106 2
source: dig.watch

source: dig.watch

Contents

Toggle
  • Quick Breakdown 
  • Threat actors exploit blockchain to conceal malicious commands in open-source packages
  • Smart Contracts Used as Malware Hosts
  • A New Twist on Old Attacks
  • Social Engineering Behind the Scenes
  • A Growing Trend of Crypto-Focused Malware

Quick Breakdown 

  • Hackers are embedding malware commands in Ethereum smart contracts to bypass scans.
  • Malicious NPM packages, colortoolsv2 and mimelib2, retrieved C2 servers from the blockchain.
  • Campaigns used fake GitHub repositories to trick developers into downloading infected code.

Threat actors exploit blockchain to conceal malicious commands in open-source packages

Cybercriminals are adopting a new method of delivering malware by embedding malicious commands inside Ethereum smart contracts, making detection significantly harder for security systems.

Source: ReversingLabs

Researchers at ReversingLabs, a digital asset compliance firm, revealed that attackers have uploaded malicious packages to the Node Package Manager (NPM) repository, one of the largest hubs for JavaScript libraries.

Smart Contracts Used as Malware Hosts

According to ReversingLabs researcher Lucija Valentić, the malware packages “colortoolsv2” and “mimelib2” were published in July and disguised as legitimate tools. Instead of directly linking to malicious domains, the code fetched command-and-control (C2) addresses from Ethereum smart contracts, bypassing routine security scans.

Once installed, the packages queried the blockchain to retrieve download links for second-stage malware, which carried out the actual malicious activity. Since blockchain traffic typically appears legitimate, this tactic makes detection more complex.

A New Twist on Old Attacks

While the use of smart contracts in malware is not new, the North Korean Lazarus Group used a similar approach earlier this year, the latest method is distinct. Instead of merely hiding malware within contracts, attackers are now embedding the very URLs for payload delivery inside Ethereum’s decentralized infrastructure.

Social Engineering Behind the Scenes

The malicious packages were part of a larger deception campaign targeting developers through GitHub repositories. Threat actors built fake cryptocurrency trading bot projects complete with fabricated commits, multiple fake maintainers, and polished documentation to establish credibility.

These repositories lured unsuspecting developers into downloading the infected packages, further spreading the malware.

A Growing Trend of Crypto-Focused Malware

Security experts documented 23 crypto-related malware campaigns on open-source repositories in 2024. This latest incident underscores how attackers are merging blockchain technology with social engineering to bypass traditional security tools.

The threat is not limited to Ethereum. In April, a fake GitHub repository mimicking a Solana trading bot delivered credential-stealing malware, while another campaign targeted Bitcoinlib, a popular open-source Python library.

If you would like to read more articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.

Take control of your crypto  portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”

Don't miss out!

Subscribe To Our Newsletter

Receive top education news, lesson ideas, teaching tips and more!
Invalid email address
Give it a try. You can unsubscribe at any time.
Thanks for subscribing!
Share63Tweet39Share11
Favour Okosodo

Favour Okosodo

Experienced web content writer with a strong command of SEO, specializing in creating concise, engaging content that drives traffic and enhances conversions across diverse industries.

Related Posts

source: venus.io
Crime

Venus Protocol Recovers $13.5M After Phishing Attack

3 September 2025
source: fxleaders.com
Crime

Crypto Hacks Surge in August With $163M Lost, PeckShield Reports

1 September 2025
source: cnn.com
Crime

US Banks Processed $312B in Chinese Money Laundering Tied to Cartels, FinCEN Warns

29 August 2025
source: commonwealthlawyers.com
Crime

US Sanctions Russian, North Korean Nationals and Firms Over Crypto Theft Funding Weapons Program

28 August 2025

Editors Picks

Bull vs. Bear: Key Indicators to Spot Market Trends Before Everyone Else

Bull vs. Bear: Key Indicators to Spot Market Trends Before Everyone Else

byOlayinka Sodiq
13 July 2025
0

Is Saudi Arabia Falling Behind in the Crypto Race Without Unified GCC Regulations?

Is Saudi Arabia Falling Behind in the Crypto Race Without Unified GCC Regulations?

byOlajumoke Oyaleke
6 July 2025
0

AI Deepfake Scams: How They’re Driving Fraud and Fueling Crypto Scandals

AI Deepfake Scams: How They’re Driving Fraud and Fueling Crypto Scandals

byOlajumoke Oyaleke
24 June 2025
0

Can Ethereum Transactions Be Reversed?

Can Ethereum Transactions Be Reversed?

byOlayinka Sodiq
24 June 2025
0

Is Running Masternodes Still a Viable Passive Income Strategy or a Thing of the Past?

Is Running Masternodes Still a Viable Passive Income Strategy or a Thing of the Past?

byOlayinka Sodiq
14 June 2025
0

Read More

Chain of Thoughts

Zero-Knowledge Everything: Trust, Privacy, and Verification in the Digital Age

Zero-Knowledge Everything: Trust, Privacy, and Verification in the Digital Age

byOlu Omoyele
30 August 2025
0

...

What Happens When AI Gets a Wallet?

What Happens When AI Gets a Wallet?

byOlu Omoyele
31 July 2025
0

...

The Game-changing Triumvirate: Blockchain, Data Science, and Artificial Intelligence

The Game-changing Triumvirate: Blockchain, Data Science, and Artificial Intelligence

byOlu Omoyele
30 June 2025
0

...

Are Stablecoins Bank Deposits?

Are Stablecoins Bank Deposits?

byOlu Omoyele
31 May 2025
0

...

Markets Update

Binance CEO to Visit South Korea Amid Regulatory Push

4 hours ago

Ripple Expands RLUSD Stablecoin to Africa Through Key Partnerships

5 hours ago

Operators of OKX Exchange, Fined $2.6 Million by Dutch Central Bank Over Unregistered Services Pre-MiCA License

8 hours ago

What $13 Billion in Ether Treasuries Signals for Investor Behaviour

1 day ago

What Happens If Bitcoin Reaches $1 Million?

1 day ago

Stablecoins Are Propelling Latin America’s Financial Shift, Fueling Innovation and Inclusion

1 day ago
Read More

Events

CBDC Conference
CBDC Conference
9 Sep 25
Nassau

Spotlight

All about Ethereum
All about Algorand
All about Bitcoin
All about Gora

Press Releasespress releases

NOWPayments to Participate in SiGMA Europe Rome 2025

bychainwire
4 September 2025
0

ChainUp Named Double Finalist at Thomson Reuters’ ALB Pan-Asian Regulatory Awards 2025

bychainwire
4 September 2025
0

Bybit Card Launches in Europe With Unmatched 20% Cashback

bychainwire
3 September 2025
0

KuCoin Presents KuMining: Embodying “Simple Mining, Smart Gains” for Effortless Crypto Accumulation

bychainwire
3 September 2025
0

Meme Coin Little Pepe Raises Above $24M in Presale With Over 39,000 Holders

bychainwire
2 September 2025
0

Read More

ADVERTISING

ABOUT

TEAM

CAREERS

CONTACT

TERMS & CONDITIONS

PRIVACY POLICY

© Copyright 2025 DeFi Planet

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Please enter and activate your license key for Cryptocurrency Widgets PRO plugin for unrestricted and full access of all premium features.

Add New Playlist

No Result
View All Result
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Market Analysis
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverse
    • Glossary
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer

© Copyright 2024 DeFi Planet   |   Terms & Conditions   |   Privacy Policy

-
00:00
00:00

Queue

Update Required Flash plugin
-
00:00
00:00