Blockchain and Node.js abused by Tsundere: an emerging botnet
Securelist
Actively Exploited
Summary
Kaspersky GReAT experts have identified the Tsundere botnet, which utilizes Node.js-based bots to exploit web3 smart contracts. The campaign poses a significant cybersecurity threat as it spreads through MSI installers and PowerShell scripts, indicating a sophisticated method of propagation.
Impact
Node.js, web3 smart contracts, MSI installers, PowerShell scripts
In the Wild
Yes
Timeline
Newly disclosed
Remediation
Implement security measures to monitor and restrict the use of MSI installers and PowerShell scripts. Regularly update and patch Node.js environments and web3 applications.