Malicious npm Package Caught Hijacking ERC20 Contracts to Drain USDT
On 26 March 2024, Phylum’s automated risk detection platform flagged a suspicious publication to npm called vue2util. It bills itself as, and upon first glance appears to be, a simple collection of utility functions for