Ghost Campaign Uses 7 npm Packages to Steal Cryptocurrency Wallets and Credentials

Cybersecurity researchers at ReversingLabs identified a malicious campaign dubbed "Ghost" involving seven npm packages published by a user named mikilanjillo. These packages are designed to steal cryptocurrency wallets and sensitive credentials. The identified packages include react-performance-suite, react-state-optimizer-core, react-fast-utilsa, and ai-fast-auto-trader. No specific dates, CVE IDs, or technical implementation details were disclosed in the report. The primary impact is the exfiltration of crypto assets and user credentials from affected systems.