Trojanized Ethers Forks on npm Attempting to Steal Ethereum Private Keys
Tags
attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Private Keys - T1552.004 Server - T1583.004 Server - T1584.004 Ssh - T1021.004 Whois - T1596.002 Private Keys - T1145 |
Common Information
Type | Value |
---|---|
UUID | 3d15b7b3-0639-49c3-81fc-a4819a1dec32 |
Fingerprint | 88219ba0ba2d5200 |
Analysis status | DONE |
Considered CTI value | 0 |
Text language | |
Published | Oct. 18, 2024, 7:05 p.m. |
Added to db | Oct. 18, 2024, 9:22 p.m. |
Last updated | Nov. 11, 2024, 6:26 a.m. |
Headline | Trojanized Ethers Forks on npm Attempting to Steal Ethereum Private Keys |
Title | Trojanized Ethers Forks on npm Attempting to Steal Ethereum Private Keys |
Detected Hints/Tags/Attributes | 37/1/24 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 158 | ✔ | Malware Analysis, News and Indicators - Latest topics | https://malware.news/latest.rss | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 5 | ether-sign.com |
|
Details | Domain | 2 | index.js.map |
|
Details | Domain | 2 | default.post |
|
Details | File | 3 | wallet.js |
|
Details | File | 2 | base-wallet.js |
|
Details | File | 2 | hdwallet.js |
|
Details | File | 2 | json-crowdsale.js |
|
Details | File | 2 | json-keystore.js |
|
Details | File | 2 | mnemonic.js |
|
Details | File | 174 | index.js |
|
Details | File | 2 | accesslist.js |
|
Details | File | 2 | address.js |
|
Details | File | 3 | transaction.js |
|
Details | File | 13 | key.pub |
|
Details | File | 2 | uuid.js |
|
Details | File | 7 | data.js |
|
Details | File | 2 | exports.dat |
|
Details | File | 2 | errors.js |
|
Details | File | 2 | signing-key.js |
|
Details | File | 4 | signature.js |
|
Details | File | 2 | index_js_1.dat |
|
Details | File | 2 | signingkey.pub |
|
Details | IPv4 | 3 | 88.99.95.50 |
|
Details | Url | 2 | https://ether-sign.com/api/checkserver |