Cybersecurity researchers have discovered a number of suspicious packages published to the npm registry that are designed to harvest Ethereum private keys and gain remote access to the machine via the secure shell (SSH) protocol.
The packages attempt to “gain SSH access to the victim’s machine by writing the attacker’s SSH public key in the root user’s authorized_keys file,” software supply chain security company Phylum said in an analysis published last week.
The list of packages, which aim to impersonate the legitimate ethers package, identified as part of the campaign are listed as follows –
Some of these packages, most of which have been published by accounts named “crstianokavic” and “timyorks,” are believed to have been released for testing purposes, as most of them carry minimal changes across them. The latest and the most complete package in the list is ethers-mew.
This is not the first time rogue packages with similar functionality have been discovered in the npm registry. In August 2023, Phylum detailed a package named ethereum-cryptographyy, a typosquat of a popular cryptocurrency library that exfiltrated the users’ private keys to a server in China by introducing a malicious dependency.
The latest attack campaign embraces a slightly different approach in that the malicious code is embedded directly into the packages, allowing threat actors to siphon the Ethereum private keys to the domain “ether-sign[.]com” under their control.
What makes this attack a lot more sneaky is the fact that it requires the developer to actually use the package in their code – such as creating a new Wallet instance using the imported package – unlike typically observed cases where simply installing the package is enough to trigger the execution of the malware.
In addition, the ethers-mew package comes with capabilities to modify the “/root/.ssh/authorized_keys” file to add an attacker-owned SSH key and grant them persistent remote access to the compromised host.
“All of these packages, along with the authors’ accounts, were only up for a very short period of time, apparently removed and deleted by the authors themselves,” Phylum said.