[Hackers Exploit Ethereum Smart Contracts to Spread New Malware] Research from digital asset compliance company ReversingLabs reveals that hackers are storing malicious instructions in Ethereum smart contracts and spreading new malware through the Node Package Manager (NPM) software package repository. The packages "colortoolsv2" and "mimelib2," released in July, retrieve the download addresses for the second-stage malware by querying blockchain smart contracts, thereby bypassing traditional security scans. This attack method is part of a social engineering scheme, where hackers create fake cryptocurrency trading bot repositories on GitHub, forge commit histories, and maintain professional documentation to enhance credibility. The study points out that while North Korean hacker group Lazarus has previously used similar techniques, hosting malicious URLs via smart contracts is unprecedented, indicating that attack strategies are continuously evolving.