Trojanized Ethers Forks on npm Attempting to Steal Ethereum Private Keys | Phylum
Tags
attack-pattern: Data Malware - T1587.001 Malware - T1588.001 Private Keys - T1552.004 Server - T1583.004 Server - T1584.004 Software - T1592.002 Ssh - T1021.004 Whois - T1596.002 Private Keys - T1145
Show in Graph
Common Information
Type Value
UUID c5b658fc-e2d9-4f38-a0b4-bee83679eabe
Fingerprint 88219b20ba2d1200
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 18, 2024, midnight
Added to db Oct. 18, 2024, 9:14 p.m.
Last updated Nov. 11, 2024, 6:26 a.m.
Headline Trojanized Ethers Forks on npm Attempting to Steal Ethereum Private Keys
Title Trojanized Ethers Forks on npm Attempting to Steal Ethereum Private Keys | Phylum
Detected Hints/Tags/Attributes 37/1/24
Source URLs
Redirection Url
Details Source https://blog.phylum.io/trojanized-ethers-forks-on-npm-attempting-to-steal-ethereum-private-keys/
URL Provider
Details Provider Source level domain
Details phylum.io blog.phylum.io
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 46 Phylum https://blog.phylum.io/rss/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 5 
ether-sign.com
Details Domain 2 
index.js.map
Details Domain 2 
default.post
Details File 3 
wallet.js
Details File 2 
base-wallet.js
Details File 2 
hdwallet.js
Details File 2 
json-crowdsale.js
Details File 2 
json-keystore.js
Details File 2 
mnemonic.js
Details File 174 
index.js
Details File 2 
accesslist.js
Details File 2 
address.js
Details File 3 
transaction.js
Details File 13 
key.pub
Details File 2 
uuid.js
Details File 7 
data.js
Details File 2 
exports.dat
Details File 2 
errors.js
Details File 2 
signing-key.js
Details File 4 
signature.js
Details File 2 
index_js_1.dat
Details File 2 
signingkey.pub
Details IPv4 3 
88.99.95.50
Details Url 2 
https://ether-sign.com/api/checkserver