Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
get-eth-balances
Advanced tools
npm i -g get-eth-balances
Write result to console:
get-npm-balances -i input_file
Write result to file:
get-npm-balances -i input_file > output.csv
Example input file:
0x005e288d713a5fb3d7c9cf1b43810a98688c7223
0xb351fab977e6edf76a9e597552dc05d64873ace7
0X760667F83CF5745402C4D531A78A42AFBC4D326F
0xf5d6ba3fd938ceed413786cc5985818c4e77e76a
0xfb1d425ed340cc84ba97e3869fff725d27d57841
0X929C0454377924D514262A24A9B90DC66A3AF1B7
0x41e5b32787f4a090e0ffb294098b73cc7f386fce
0xb64ef51c888972c908cfacf59b47c1afbc0ab8ac
0XF888FE1E7719EA1911457CC0C791ED937BD3CCB9
0x96a0a6ed0ebe0b365170d837bf5ed8a52052e2a1
0X761A8C8F9D8CF595EE8ACF58B97828A6B7C297AB
0x4a87f5001b3c2c411e5e0b19df1fb0353ef86eab
0x5b9422b9bdacf5d8c15c8549cd901cf077891574
0X164B42094143265D8B08DFCC917FEF4EE1C0AD32
0xd0438f36db9f82744d8397ef07dd1911b0583baa
0x86ad632c36425f0e0af2fcd6f55c160e10c04b26
0X38A033B8308F75ADADE619F4199D34431B6EE107
0x9d05c576f27c03d2b0aafe6ac8ac0d1e3e51abf4
0x06012c8cf97bead5deae237070f9587f8e7a266d
0X9AE88D99C134D579EC3FE2B75F371ED2AAAE1C94
0x80792688d7762839b76ad083abfb65cdaea99960
0xe1ec38ec1575ccaa3281f0b26cc7a18b8366674a
0XE98187F7128120AEB26735D2BF94A7ACD23BA1C1
0x0aca31680edd22a8d0c2795297db5082c75f14b1
0xe0c8087ce1a17bdd5d6c12eb52f8d7eff7791987
0X743492EE0D793E6952ABFE81486AB557127A6A1B
0x8f45debb9729bf4fc24ef9bdca0a4831d37ad55a
0x4390a19282c661c9eb8ffb47faca7ad4b47d21fc
0X52D7C6C1E0F434A22E97D64F13FE173D016E459B
0x4ca29c283f5b6e7808e35ed9430813f26ffd6b7b
0x340b84a70520f721fde96c7ad663383c31e416cb
0x71c7656ec7ab88b098defb751b7401b5f6d8976f```
FAQs
Unknown package
The npm package get-eth-balances receives a total of 3 weekly downloads. As such, get-eth-balances popularity was classified as not popular.
We found that get-eth-balances demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.