GoPlus Alert: North Korean Hackers Distribute Remote Access Trojan via Malicious npm Package

BlockBeats News, March 3rd, the GoPlus Chinese community issued a reminder, North Korean hackers published a set of 26 malicious packages to the npm registry, each of which comes with an installation script (install.js). This script will automatically execute during the package installation process, triggering the execution of malicious code located in "vendor/scrypt-js/version.js". The malicious code will download and run a remote access trojan (RAT) through the same malicious URL, carrying out malicious activities such as keylogging, clipboard theft, browser credential harvesting, TruffleHog secret scanning, Git repository and SSH key theft. This incident is linked to a North Korean hacker operation named "Famous Chollima".

Original link

Correction/Report

Hot Articles

Whale Trader "pension-usdt.eth" completed its position with an average price of $67,522, currently holding a long position in BTC with a size of $66.5 million

1h ago

WTI Crude Oil Daily Trading Volume on Hyperliquid Surpasses $100 Million, with Cryptocurrency Contracts Accounting for Only Four of the Top Ten

2h ago

Today, the crypto market is rebounding against the trend, with a macro hedge whale holding long positions in gold and silver while shorting crypto, losing $500,000 in a day.

3h ago

Due to a silver price plunge, a whale who shorted silver with $12 million two days ago has now realized significant profits.

24H Important Information

2026-03-03

Iranian Media: Iran Strikes US Military Bases and Interests in Qatar, Bahrain, and Oman

The 20th Million Bitcoin is About to Be Mined, with the Remaining 1 Million Bitcoins Projected to Be Mined Over the Next 114 Years

Amid Market Downturn, 'Buddy' Ethereum Longs Experience Partial Liquidation

Whale Trader "pension-usdt.eth" completed its position with an average price of $67,522, currently holding a long position in BTC with a size of $66.5 million

Correction/Report

Submit

Add Library

Visible to myself only

Public

Save

Choose Library

Add Library

Cancel

Finish

GoPlus Alert: North Korean Hackers Distribute Remote Access Trojan via Malicious npm Package

If this is the beginning of the triple halving, what are top investors saying about what to expect?

More absurd than knowing about the war in advance is knowing in advance about the assassination of Soleimani

After a 48-hour ban, Claude reached the top of the App Store

In the next 5 years, Vitalik will scale Ethereum like this

Whale Trader "pension-usdt.eth" completed its position with an average price of $67,522, currently holding a long position in BTC with a size of $66.5 million

WTI Crude Oil Daily Trading Volume on Hyperliquid Surpasses $100 Million, with Cryptocurrency Contracts Accounting for Only Four of the Top Ten

Today, the crypto market is rebounding against the trend, with a macro hedge whale holding long positions in gold and silver while shorting crypto, losing $500,000 in a day.

Due to a silver price plunge, a whale who shorted silver with $12 million two days ago has now realized significant profits.