Summary: A supply chain attack targeting the Ethereum development ecosystem has compromised the Nomic Foundation and Hardhat platforms through malicious npm packages, leading to the exfiltration of sensitive data. The attackers utilized deceptive tactics and Ethereum smart contracts to maintain control and complicate mitigation efforts.
Threat Actor: Unknown
Victim: Nomic Foundation and Hardhat
Key Points:
- Attackers distributed 20 malicious npm packages, with one package downloaded over 1,000 times.
- Malicious packages mimicked legitimate Hardhat plugins to exploit developer trust.
- Sensitive data was collected and exfiltrated using functions from the Hardhat Runtime Environment.
- Preventive measures include stricter auditing, zero-trust architecture, and maintaining a software bill of materials (SBOM).
Source: https://www.infosecurity-magazine.com/news/supply-chain-attack-targets/
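
Added example, not from the article or the Hardhat project: a minimal `package-lock.json` audit for the plugin-impersonation tactic listed in the key points, flagging dependency names that sit within a small edit distance of a reviewed Hardhat plugin or that carry Hardhat/Nomic branding without having been reviewed. The allowlist, the function names and the sample lockfile (including both flagged package names) are assumptions constructed for illustration.

```javascript
// ASSUMPTION (added example): TRUSTED is a team-maintained allowlist of reviewed plugins.
const TRUSTED = new Set(['hardhat', '@nomicfoundation/hardhat-toolbox',
  '@nomicfoundation/hardhat-ethers', 'hardhat-gas-reporter']);

// Levenshtein edit distance using a single rolling row.
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0];
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const up = row[j];
      row[j] = Math.min(up + 1, row[j - 1] + 1, diag + (a[i - 1] === b[j - 1] ? 0 : 1));
      diag = up;
    }
  }
  return row[b.length];
}

// Lockfile (v2/v3) keys look like "node_modules/a/node_modules/@scope/b"; keep the last name.
function packageNames(lock) {
  const marker = 'node_modules/';
  const names = Object.keys(lock.packages || {})
    .filter((key) => key.includes(marker))
    .map((key) => key.slice(key.lastIndexOf(marker) + marker.length));
  return [...new Set(names)];
}

// Report names near a trusted name (possible typosquat) or carrying Hardhat/Nomic branding.
function auditLockfile(lock, trusted = TRUSTED, maxDistance = 2) {
  const findings = [];
  for (const name of packageNames(lock)) {
    if (trusted.has(name)) continue;
    const near = [...trusted].find((t) => editDistance(name, t) <= maxDistance);
    if (near) findings.push({ name, reason: 'lookalike', resembles: near });
    else if (/hardhat|nomic/i.test(name)) findings.push({ name, reason: 'unreviewed' });
  }
  return findings;
}

// Constructed sample lockfile; the two flagged names are invented for this example.
const SAMPLE_LOCK = { lockfileVersion: 3, packages: {
  '': { name: 'demo-contracts' },
  'node_modules/hardhat': {},
  'node_modules/@nomicfoundatlon/hardhat-toolbox': {},
  'node_modules/hardhat-example-helper': {},
  'node_modules/hardhat/node_modules/chalk': {},
} };
console.log(auditLockfile(SAMPLE_LOCK));
```

A finding is a prompt for manual review of the package's publisher and install scripts before it is installed, not proof of malice.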