The Lazarus Group has shifted its focus towards users of Solana and the Exodus wallet. This hacking collective, linked to the North Korean government, has previously been implicated in the Bybit hack and other significant cryptocurrency thefts, and they are making headlines once again. Recent research by Socket revealed that the Lazarus Group has placed six harmful packages in npm, specifically aiming at software developers and cryptocurrency enthusiasts. As stated in the Socket Research report, the six harmful packages associated with Lazarus were downloaded more than 173 times in total. These packages were created to capture login information, install backdoors, and retrieve sensitive data from Solana-related cryptocurrency wallets or Exodus. The investigation highlighted that the methods and strategies used in this npm attack bear a strong resemblance to the established tactics of Lazarus. The recent cyberattack involves malware that focuses on browser profiles, probing files from Chrome, Brave, Firefox, and accessing keychain data on macOS. The six malicious packages identified are: is-buffer-validator, yoojae-validator, event-handle-package, array-empty-validator, react-event-dependency, and auth-validator. The researchers asserted that Lazarus employed typosquatting to deceive developers into installing software with misspelled names. An example of this is the package “is-buffer-validator,” which is very similar to the well-known “is-buffer” module created by Feross Aboukhadijeh, the CEO of Socket. The authentic is-buffer package boasts 33 million downloads per week and more than 134 million downloads overall, illustrating its extensive use. Moreover, Lazarus has previously breached networks utilizing supply chain attacks through platforms such as GitHub, PyPI, and npm. This has played a role in significant security breaches, such as the $1.4 billion theft from the Bybit exchange.
Related Posts

Is XRPL the Ideal Blockchain for Institutional DeFi? Exploring Speed, Efficiency, and Functionality
This article discusses the company’s vision for the future of financial services built on blockchain and digital assets. Here’s a…

Centralized Exchange Shuns ASI Merger: Can a Decentralized Future Survive?
The cryptocurrency market is experiencing turbulence following the announcement of a major token merger within the Artificial Superintelligence Alliance (ASA).…
36 Million Altcoins Later—Why Bitcoin Remains King
Altcoin proliferation dilutes the market, reinforcing Bitcoin’s dominance as a safe-haven asset. Bitcoin’s rising dominance and institutional adoption ensure its…