Hijacking wallets with malicious patches. cover art

Hijacking wallets with malicious patches.

Hijacking wallets with malicious patches.

Listen for free

View show details

About this listen

 This week, we are joined by Lucija Valentić, Software Threat Researcher from ReversingLabs, who is discussing "Atomic and Exodus crypto wallets targeted in malicious npm campaign." Threat actors have launched a malicious npm campaign targeting Atomic and Exodus crypto wallets by distributing a fake package called "pdf-to-office," which secretly patches locally installed wallet software to redirect crypto transfers to attacker-controlled addresses. ReversingLabs researchers discovered that this package used obfuscated JavaScript to trojanize specific files in targeted wallet versions, enabling persistence even after the malicious package was removed. This incident highlights the growing threat of software supply chain attacks in the cryptocurrency space and underscores the need for vigilant monitoring of both open-source repositories and local applications. The research can be found here: ⁠⁠Atomic and Exodus crypto wallets targeted in malicious npm campaign Learn more about your ad choices. Visit megaphone.fm/adchoices

What listeners say about Hijacking wallets with malicious patches.

Average Customer Ratings

Reviews - Please select the tabs below to change the source of reviews.

Audible.com.au reviews

Amazon Reviews
No Reviews are Available
In the spirit of reconciliation, Audible acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.