Socket: Malicious npm packages found targeting BSC and Ethereum users, stealing encrypted wallet assets
According to Foresight News, the Socket threat research team has released a report stating that it has discovered four malicious npm packages targeting BSC and Ethereum that steal users' encrypted wallet assets. The four packages are pancake_uniswap-uvalidators_tils_snipe (350 downloads), pancakeswap oral preparation (445 downloads), ethereum smart control (305 downloads), and env process (1054 downloads), with more than 2100 downloads in total. The attacker uses obfuscated JavaScript code to steal 80%-85% of the target wallet's balance and redirect it to an address under the attacker's control. The packages were written by the same actor and date back 3-4 years. Socket recommends that developers adopt automated dependency scanning and secure credential management to prevent such attacks. Foresight News notes that npm packages are JavaScript software packages managed through npm (Node Package Manager). npm is the default package manager for Node.js and is used to install, share, and manage the dependencies and codebases of JavaScript projects.