Middle East Daily
    Hot News
    Business

    Coral Announces Closure of Seed Round Funding, Raising $3 Million to Transform Carbon Emission Management

    Lifestyle

    Experience Unparalleled Serenity with Ladies Day Mondays at The St. Regis Spa Downtown Dubai

    Business

    Quest Global Joins UAE’s NextGen FDI Initiative to Support Local Engineering Research and Development

    Important Pages:
    • Privacy Policy
    • Terms & Conditions
    Facebook Twitter Instagram Pinterest
    • Privacy Policy
    • Terms & Conditions
    Friday, August 1
    Facebook Twitter
    Middle East Daily
    • Home
    • News

      Legends Charity Game in Lisbon to raise millions for charity

      ECAE hosts third edition of the Universities Collaboration Forum

      J-PAL MENA AT AUC CELEBRATES FIVE YEARS OF EVIDENCE POLICYMAKING IN THE MIDDLE EAST AND NORTH AFRICA

      Khalifa Fund for Enterprise Development and 42 Abu Dhabi partner to host inaugural coding bootcamp ‘Piscine’ in Al Ain Region

      Wynn Al Marjan Island debuts Enclave: A destination within a destination

    • Business

      Dubai’s rise as the global capital of branded residences: Documented by Provident

      Talabat relaunches riders vending machine initiative for the second year in a row

      NBK marks milestone with $800mln additional Tier 1 Bond listing on the London Stock Exchange

      Quest Global Joins UAE’s NextGen FDI Initiative to Support Local Engineering Research and Development

      Sony’s New NFL Coach’s Headsets are Set to Debut on the Sidelines for 2025 Season

    • Technology

      Sony’s New NFL Coach’s Headsets are Set to Debut on the Sidelines for 2025 Season

      Player Protection in the Spotlight at SBC Summit 2025

      Ultra comfort, from sleep to workout: Samsung Galaxy Watch8 Series now available for UAE pre-orders

      Du and Huawei renew partnership to accelerate Emiratisation and digital talent development in UAE

      Yango Launches Enhanced Commuting Experience in Abu Dhabi and Sharjah with Transport Service

    • Lifestyle

      Dubai’s rise as the global capital of branded residences: Documented by Provident

      Joel Corry and Imanbek to headline star-studded SBC Summit Opening Party

      Ultra comfort, from sleep to workout: Samsung Galaxy Watch8 Series now available for UAE pre-orders

      Yango Launches Enhanced Commuting Experience in Abu Dhabi and Sharjah with Transport Service

      Sony’s Ultimate Travel Tech Guide for a Smarter Summer

    Breaking News:
    • Dubai’s rise as the global capital of branded residences: Documented by Provident
    • Talabat relaunches riders vending machine initiative for the second year in a row
    • NBK marks milestone with $800mln additional Tier 1 Bond listing on the London Stock Exchange
    • Quest Global Joins UAE’s NextGen FDI Initiative to Support Local Engineering Research and Development
    • Sony’s New NFL Coach’s Headsets are Set to Debut on the Sidelines for 2025 Season
    • Binghatti opens its London Boutique Marking Larger International Presence
    • United Arab Bank net profit up by 50% for the first half of 2025
    • PGIM and ADGM Academy launch RealAssetX Abu Dhabi to drive innovation and AI for the real asset industry
    Middle East Daily
    Home » Kaspersky uncovers $500K crypto heist through malicious packages
    Business

    Kaspersky uncovers $500K crypto heist through malicious packages

    Share
    Facebook Twitter LinkedIn Pinterest WhatsApp

    Kaspersky GReAT (Global Research and Analysis Team) experts have discovered open-source packages that download the Quasar backdoor and a stealer designed to exfiltrate cryptocurrency. The malicious packages are intended for the Cursor AI development environment, which is based on Visual Studio Code — a tool used for AI-assisted coding.

    The malicious open-source packages are extensions hosted in the Open VSX repository that claim to provide support for the Solidity programming language. However, in practice, they download and execute malicious code on users’ devices.

    During an incident response, a blockchain developer from Russia reached out to Kaspersky after installing one of these fake extensions on his computer, which allowed attackers to steal approximately $500,000 worth of crypto assets.

    The threat actor behind these packages managed to deceive the developer by making the malicious package rank higher than the legitimate one. The attacker achieved this by artificially inflating the malicious package’s downloads count to 54,000.

    Search results for the query “solidity”: the malicious extension (highlighted in red) and the legitimate one (highlighted in green).

    After installation, the victim gained no actual functionality from the extension. Instead, malicious ScreenConnect software was installed on the computer, granting threat actors remote access to the infected device. Using this access, they deployed the open-source Quasar backdoor along with a stealer that collects data from browsers, email clients, and crypto wallets. With these tools, the threat actors were able to obtain the developer’s wallet seed phrases and subsequently steal cryptocurrency from the accounts.

    After the malicious extension downloaded by the developer was discovered and removed from the repository, the threat actor republished it and artificially inflated its installation count to a higher number – 2 million, compared to 61,000 for the legitimate package. The extension was removed from the platform following a request from Kaspersky.

    “Spotting compromised open-source packages with the naked eye is becoming increasingly difficult. Threat actors are using increasingly creative tactics to deceive potential victims, even developers who have a strong understanding of cybersecurity risks — particularly those working in the blockchain development field. As we expect adversaries to continue targeting developers, it is recommended that even experienced IT professionals deploy dedicated security solutions to safeguard sensitive data and prevent financial losses,” commented Georgy Kucherin, Security Researcher with Kaspersky’s Global Research and Analysis Team.

    The threat actor behind the attack published not only malicious Solidity extensions but also another NPM package, solsafe, which also downloads ScreenConnect. A few months earlier, three additional malicious Visual Studio Code extensions were released — solaibot, among-eth, and blankebesxstnion — all of them have already been removed from the repository.

    To stay safe, Kaspersky recommends:

    • Use a solution for monitoring the used open-source components in order to detect the threats that might be hidden inside.
    • If you suspect that a threat actor may have gained access to your company’s infrastructure, we recommend using the Kaspersky Compromise Assessment service to uncover any past or ongoing attacks.
    • Verify package maintainers: check the credibility of the maintainer or organization behind the package. Look for consistent version history, documentation, and an active issue tracker.
    • Stay informed on emerging threats: subscribe to security bulletins and advisories related to the open-source ecosystem. The earlier you know about a threat, the faster you can respond.

    More information is available in a report on Securelist.com.

    About Kaspersky

    Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure, and governments around the globe. The company’s comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

    Share. Facebook Twitter Pinterest LinkedIn WhatsApp

    Related Posts

    Business

    Dubai’s rise as the global capital of branded residences: Documented by Provident

    Business

    Talabat relaunches riders vending machine initiative for the second year in a row

    Business

    NBK marks milestone with $800mln additional Tier 1 Bond listing on the London Stock Exchange

    Business

    Quest Global Joins UAE’s NextGen FDI Initiative to Support Local Engineering Research and Development

    Business

    Sony’s New NFL Coach’s Headsets are Set to Debut on the Sidelines for 2025 Season

    Business

    Binghatti opens its London Boutique Marking Larger International Presence

    Business

    United Arab Bank net profit up by 50% for the first half of 2025

    Business

    PGIM and ADGM Academy launch RealAssetX Abu Dhabi to drive innovation and AI for the real asset industry

    Follow Us
    • Facebook
    • Twitter
    Top Posts
    Business

    Le Méridien Dubai appoints new leadership at Casa Mia and The Dubliner’s

    Dubai, UAE – Le Méridien Dubai Hotel & Conference Centre proudly announces the appointment of two…

    Business

    Panasonic debuts next-generation PTZ camera that reduces the burden on shooting sites

    Panasonic Marketing Middle East & Africa (PMMAF) has announced the regional launch of the AW-UE160W/K,…

    Lifestyle

    Discover ‘Central Chidlom: The Store of Bangkok,’  a World-Class Luxury Shopping Experience for Middle Eastern Travellers

    Bangkok, Thailand 16 June 2025 – Central Chidlom, the flagship store of Central Department Store…

    Business

    Saudi Energy Convention Launched To Fast-Track Growth In Kingdom’s Energy, Hydrogen And Water Sectors

    Saudi Arabia has become one of the world’s fastest-growing economies, with national development plans presenting…

    Business

    Emirates REIT reports a strong Q1 2025 with 24% increase in property income

    Dubai, United Arab Emirates – Equitativa (Dubai) Limited (“Equitativa”), manager of Emirates REIT (CEIC) PLC (“Emirates…

    Welcome to Middle East Daily, your daily dose of news and insights from the heart of the Middle East. Explore the latest headlines, delve into thought-provoking analysis, and engage with stories that define our region's narrative.

    Facebook Twitter
    Categories
    • Business (337)
    • Lifestyle (124)
    • News (129)
    • Technology (88)
    Top Insights
    News

    Diriyah Company Signs Strategic Trade Travel Agreements for Diriyah, The City of Earth, with Global Travel Partners Abercrombie & Kent and Almosafer

    Lifestyle

    A Gift of Enduring Spirit: Liu Shiming Art Foundation Announced Sculpture Donation to AUC

    © 2025 Middle East Daily.
    • Home
    • Privacy Policy
    • Terms & Conditions

    Type above and press Enter to search. Press Esc to cancel.