VMTech
+381 11 4183 54024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

Vite and npm under fire: malicious packages hid RAT via blockchain C2

Vite and npm under fire: malicious packages hid RAT via blockchain C2

Colleagues, I’d like to flag a cybersecurity incident: seven malicious npm packages were found in the Vite ecosystem.

This is a classic supply-chain attack, with an unusual control channel. For C2, the threat actors used Tron, Aptos and Binance Smart Chain.

The code did not trigger during installation; it activated on import. It then downloaded a loader and a RAT capable of collecting credentials, exfiltrating files and persisting on the system.

If any of these packages were installed, I would remove them immediately, review dependencies, rotate credentials and inspect .bashrc, .zshrc and .profile.

Why it matters: attacks via public repositories and blockchain-based C2 are harder to detect and nearly impossible to shut down.

Do you review dependencies in your projects?
#cybersecurity #npm #Vite #SupplyChain

Current metrics
0Views
0Reach
0Likes
0Comments
0Saved
0Shares

Latest comments

No comments yet.

Instagram

Vite and npm under fire: malicious packages hid RAT via blockchain C2

Open the post on Instagram ↗