Illicit AI-assisted commit-linked npm dependency compromises crypto wallets

North Korean state-backed threat group Famous Chollima, also known as APT37 and Reaper, has published the malicious @validate-sdk/v2 npm package purporting to be a validation tool, which is associated with a code commit co-authored by Anthropic's Claude Opus model, to breach cryptocurrency wallets as part of the PromptMink campaign that has been underway for the past seven months, according to Infosecurity Magazine.

Before the addition of the @validate-sdk/v2 package to an autonomous trading agent in February, Famous Chollima had already used a two-layer package strategy for clandestine compromise, with Web3 utility-spoofing packages seeking to lure developers as secondary dependencies enabled malware deployment, a report from ReversingLabs researchers showed. More than 300 versions of packages have already been used in the PromptMink campaign, whose payload evolved from initially focusing on sensitive data theft to eventual directory scanning for environment files and cryptocurrency-related data, system information siphoning, project folder compression prior to exfiltration, and SSH key injections for persistence.

Famous Chollima's shift from JavaScript-based code to Rust-based payloads and compiled binaries has also enabled similar compromise across Windows and Linux systems.