Recently, a Node Package Manager (NPM) attack only stole $50 worth of cryptocurrency, but industry experts pointed out that this incident highlights the ongoing security vulnerabilities present in exchanges and software wallets.

According to Ledger's Chief Technology Officer Charles Guillemet, who posted on X on Tuesday, this attempted attack serves as a "clear reminder" that software wallets and exchanges still face risks.

"If your funds are stored in a software wallet or exchange, a single code execution could lead to losing everything." He also added that supply chain attacks remain a highly threatening method of malware distribution.

Guillemet advised users to utilize hardware wallets and emphasized that features like clear signatures and transaction checks can help users defend against similar threats. "The immediate danger may have passed, but the threat has not disappeared." He urged users to remain vigilant.

The attack occurred after hackers sent phishing emails through a spoofed NPM support domain to obtain credentials.

After gaining access to developer accounts, the hackers pushed malicious updates to several popular libraries, including chalk, debug, and strip-ansi.

The injected code attempted to hijack transactions on multiple blockchains, including Bitcoin (BTC), Ethereum (ETH), Solana (SOL), Tron (TRON), and Litecoin (LTC), by intercepting wallet addresses and replacing them in network responses.

According to Anatoly Makosov, Chief Technology Officer of the Open Network (TON), only 18 specific versions of packages were affected, and a rollback patch has been released.

Makosov explained the attack mechanism, noting that the affected packages effectively acted as cryptocurrency clipboard trojans. In products relying on the infected versions, these packages would quietly spoof wallet addresses.

This means that web applications interacting with the aforementioned blockchains could have their transactions intercepted and redirected without the user's knowledge.

He stated that developers who built their applications within hours of the malicious update being released, as well as those who automatically updated their codebases instead of locking them to secure versions, are at the highest risk.

Makosov shared a checklist for developers to self-check if their applications were affected, primarily marked by whether the code used a version of one of the 18 popular libraries (such as ansi-styles, chalk, or debug). He pointed out that if a project relies on these versions, it is likely compromised.

He stated that the solution is to revert to a secure version, reinstall clean code, and rebuild the application. He also added that new and updated versions are now online and advised developers to quickly remove the malware to prevent impacting users.

Related: The U.S. Congress requests the Treasury Department to report on strategic Bitcoin (BTC) reserve details.

Original article: “NPM Attack Attempt Sounds Alarm, Corporate Executives Warn of Imminent Cryptocurrency Security Crisis”

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。