SlowMist's Yu Xian: Beware of Supply Chain Phishing Attacks Targeting Solidity Smart Contract Developers
ChainCatcher news: cryptography researcher @LehmannLorenz stated on the X platform that his computer was nearly compromised, and that a single click could have installed a malicious extension. The developers behind the extension were unverified, yet it garnered 1.7 million downloads within a day of release (more than any other extension) and a perfect 5/5 star rating. After he downloaded the malicious extension and extracted its contents, everything appeared normal, except for the obfuscated "extension.js" file that ran during installation. Log files indicated that the script ultimately encountered an error; it relied on PowerShell execution and ran entirely in memory, leaving no traces on disk.
In response, SlowMist's Yu Xian stated that this is a supply chain phishing attack targeting Solidity smart contract developers. The editor environment is a high-risk area for supply chain attacks. They have always tried to isolate what they can, avoid installations whenever possible, and follow the "just enough" principle. Anything flashy is thrown onto a separate computer or virtual machine.