-= Per source details. Do not edit below this line.=-
Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering tactics
{ "iocs": { "domains": [ "cryptopriceoffer.com", "npmjscloud.com", "npmrepos.com", "tradingprice.net", "npmjsregister.com", "npmcloudjs.com", "bi2price.com", "npmaudit.com", "coingeckoprice.com" ] }, "malicious-packages-origins": [ { "sha256": "f59f6e40fe31bd4d5d4aa5da8bc0d032e2bbff9166104dc707c2987f953a5d93", "import_time": "2023-08-23T13:55:32.284634833Z", "source": "checkmarx", "ranges": [ { "events": [ { "introduced": "0" } ], "type": "SEMVER" } ], "modified_time": "2023-08-21T20:12:58Z" }, { "sha256": "5da7afe62fde1fbae6f8e31ab53df0ff9775d457d84cc9f53758a09e3e11d5b6", "import_time": "2024-10-24T00:56:13.949906348Z", "versions": [ "1.12.7" ], "id": "RLMA-2024-06249", "source": "reversing-labs", "modified_time": "2024-10-16T12:36:06Z" } ] }