BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

ViteVenom: 7 Malicious npm Packages Target Vite Ecosystem

Malicious npm packages target Vite ecosystem in blockchain-based supply chain attack.

  • Researchers at Checkmarx uncovered the ViteVenom campaign, a software supply chain attack using seven malicious npm packages targeting the Vite frontend tooling ecosystem.
  • The attack, attributed to the threat actor SuccessKey, repurposes the ChainVeil malware’s blockchain-based command-and-control infrastructure across Tron, Aptos, and Binance Smart Chain.
  • The malicious packages were published to npm between June 29 and July 3, 2026, with over 2,400 total downloads, and execute a remote access trojan upon code import.

Cybersecurity researchers have discovered a cluster of seven malicious npm packages targeting the Vite frontend tooling ecosystem as part of a software supply chain attack orchestrated by a threat actor named SuccessKey. The campaign, codenamed ViteVenom by Checkmarx, expands upon the previously observed ChainVeil malware, which utilized a blockchain-based command-and-control (C2) infrastructure spanning Tron, Aptos, and Binance Smart Chain.

- Advertisement -

This iteration specifically focuses on developers building applications with the Vite build tool. The malicious packages, published between June 29 and July 3, 2026, include @uw010010/vite-tree and @vite-tab/tab, among others, according to a Checkmarx analysis.

Activity linked to SuccessKey has been detected as far back as February 27, 2026, when associated cryptocurrency wallets were activated. Unlike the ChainVeil campaign’s unscoped typosquats, ViteVenom uses scoped package names to impersonate the legitimate “@vitejs/*” namespace.

The malicious code acts as a loader by querying the Tron blockchain for the latest transaction from the attacker’s wallet to obtain a Binance Smart Chain transaction hash. The attacker subsequently retrieves and decrypts the final payload using a hard-coded key, delivering a remote access trojan capable of reverse shell, credential harvesting, and file exfiltration.

Checkmarx researcher Pavan Gudimalla explained that “this tactic makes disabling or destroying the C2 infrastructure extremely difficult.” Users who have installed any of the identified packages are advised to remove them immediately, audit dependencies, and rotate all credentials.

- Advertisement -

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

SpaceX Stock Future: Starlink Profit vs $5B Loss & $2.1T Valuation

Starlink is profitable and growing, generating $11.4 billion in revenue in 2025 and making...

China’s Moonshot AI Launches Kimi K3, Triggering Global Tech Selloff

Moonshot AI launched Kimi K3 on Thursday, a 2.8-trillion-parameter open-weight model that ranked alongside...

Nebius Secures $775M Loan Backed by Deployed GPU Hardware

Nebius secured a $775 million senior secured debt facility backed by GPU hardware and...

Bitcoin dips below $62.5K as US-Iran war, stocks slide at Wall Street open

Bitcoin dipped below $62,500 at Friday’s Wall Street open as escalating US-Iran tensions dragged...

SanDisk stock crashes 12.6%, analysts predict worst-case drop to $1,000

SanDisk stock (NASDAQ: SNDK) crashed 12.63% on Thursday in the largest semiconductor sell-off of...

Must Read

How to Set Up a Simple Bitcoin Tip Jar for Your Site or Stream

QUICK LINKSWhat a tip jar is, in plain wordsWhat you needBuild a payment link that just worksAdd a QR code that actually scansWhere to...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading