• Dapps:16.23K
  • Blockchains:78
  • Active users:66.47M
  • 30d volume:$303.26B
  • 30d transactions:$879.24M

Malware Found in ETHCode: Impact and Security Recommendations

user avatar

by Giorgi Kostiuk

3 hours ago


The recent discovery of malware in an update for ETHCode, a development tool for Ethereum, highlights severe security threats in the open-source world.

Attack Details: How Malicious Code Was Inserted

ReversingLabs researchers found that a hacker with no prior GitHub history inserted malicious code into ETHCode through a pull request containing 43 commits and 4000 lines of code. The code was disguised as legitimate files and included functions designed to download and execute scripts that could steal cryptocurrency or compromise smart contracts.

Potential Impact on Ethereum Developers

ETHCode serves approximately 6000 developers for building and deploying smart contracts. The compromised update could have been automatically distributed to user systems. Research indicates while there is no evidence the malicious code was executed, the potential scope of the attack might affect thousands of developers.

Security Recommendations for Developers

Despite the attack's sophistication, security experts emphasize that successful compromises are rare. ReversingLabs suggests developers verify the identity and contribution history of code authors before implementing updates. Additionally, employing automated scanning tools to identify suspicious code behavior is advisable.

This incident underscores the ongoing security challenges in open-source cryptocurrency development, emphasizing the need for stricter verification processes and enhanced security practices among developers.

0

Rewards

chest
chest
chest
chest

More rewards

Discover enhanced rewards on our social media.

Other news

A Complete Guide to Airdrop Taxes

chest

Learn about the tax implications of crypto airdrops and how to report them correctly.

user avatarGiorgi Kostiuk

SharpLink and Ethereum: Purchase of 10,000 ETH for $25.7 Million

chest

SharpLink acquired 10,000 ETH from Ethereum Foundation for $25.7 million, raising speculation about Ethereum's future.

user avatarGiorgi Kostiuk

GMX Successfully Recovers Funds After Major Exploit with Bounty Offer

chest

The decentralized exchange GMX reclaimed funds after an exploit by offering a $5 million bounty, showcasing new security approaches in DeFi.

user avatarGiorgi Kostiuk

Airdrops for Building a Decentralized Identity Portfolio

chest

Learn how airdrops can assist in creating a decentralized identity portfolio by providing free tokens and services.

user avatarGiorgi Kostiuk

UK: Two Months of Economic Contraction

chest

The UK economy has shrunk for two consecutive months due to US tariffs and rising taxes.

user avatarGiorgi Kostiuk

OMNI Token Sees 164% Surge: Market Analysis

chest

OMNI Token increases by 164% in 24 hours, reaching $5.40. What does this growth mean for the market?

user avatarGiorgi Kostiuk
dapp expert logo
© 2020-2025. DappExpert. All rights reserved.
© 2020-2025. DappExpert. All rights reserved.

Important disclaimer: The information presented on the Dapp.Expert portal is intended solely for informational purposes and does not constitute an investment recommendation or a guide to action in the field of cryptocurrencies. The Dapp.Expert team is not responsible for any potential losses or missed profits associated with the use of materials published on the site. Before making investment decisions in cryptocurrencies, we recommend consulting a qualified financial advisor.