PANews reported on September 4th that according to research by digital asset compliance firm ReversingLabs, hackers have recently exploited Ethereum smart contracts to store malicious instructions and spread new malware through the Node Package Manager (NPM) repository. The "colortoolsv2" and "mimelib2" packages, released in July, query blockchain smart contracts to obtain the download address for the second-stage malware, evading traditional security scans. The attack was part of a larger social engineering scam. Hackers created a fake cryptocurrency trading bot repository on GitHub and projected a trustworthy image by fabricating commit records, maintaining accounts, and providing professional documentation. Researchers noted that while the North Korean hacker group Lazarus has used similar techniques before, this is the first time they've used smart contracts to host malicious URLs, demonstrating the continued evolution of their attack strategies.PANews reported on September 4th that according to research by digital asset compliance firm ReversingLabs, hackers have recently exploited Ethereum smart contracts to store malicious instructions and spread new malware through the Node Package Manager (NPM) repository. The "colortoolsv2" and "mimelib2" packages, released in July, query blockchain smart contracts to obtain the download address for the second-stage malware, evading traditional security scans. The attack was part of a larger social engineering scam. Hackers created a fake cryptocurrency trading bot repository on GitHub and projected a trustworthy image by fabricating commit records, maintaining accounts, and providing professional documentation. Researchers noted that while the North Korean hacker group Lazarus has used similar techniques before, this is the first time they've used smart contracts to host malicious URLs, demonstrating the continued evolution of their attack strategies.