No Result
View All Result
SUBMIT YOUR ARTICLES
  • Login
Wednesday, October 29, 2025
TheAdviserMagazine.com
  • Home
  • Financial Planning
    • Financial Planning
    • Personal Finance
  • Market Research
    • Business
    • Investing
    • Money
    • Economy
    • Markets
    • Stocks
    • Trading
  • 401k Plans
  • College
  • IRS & Taxes
  • Estate Plans
  • Social Security
  • Medicare
  • Legal
  • Home
  • Financial Planning
    • Financial Planning
    • Personal Finance
  • Market Research
    • Business
    • Investing
    • Money
    • Economy
    • Markets
    • Stocks
    • Trading
  • 401k Plans
  • College
  • IRS & Taxes
  • Estate Plans
  • Social Security
  • Medicare
  • Legal
No Result
View All Result
TheAdviserMagazine.com
No Result
View All Result
Home Market Research Cryptocurrency

NPM Attack Injects Crypto-Stealing Malware Into Core JavaScript Libraries

by TheAdviserMagazine
2 months ago
in Cryptocurrency
Reading Time: 2 mins read
A A
NPM Attack Injects Crypto-Stealing Malware Into Core JavaScript Libraries
Share on FacebookShare on TwitterShare on LInkedIn


Hackers have compromised widely used JavaScript software libraries in what’s being called the largest supply chain attack in history. The injected malware is reportedly designed to steal crypto by swapping wallet addresses and intercepting transactions.

According to several reports on Monday, hackers broke into the node package manager (NPM) account of a well-known developer and secretly added malware to popular JavaScript libraries used by millions of apps.

The malicious code swaps or hijacks crypto wallet addresses, potentially putting many projects at risk.

“There’s a large-scale supply chain attack in progress: the NPM account of a reputable developer has been compromised,” Ledger Chief Technology Officer Charles Guillemet warned on Monday. “The affected packages have already been downloaded over 1 billion times, meaning the entire JavaScript ecosystem may be at risk.”

Source: Minal Thukral

The breach targeted packages such as chalk, strip-ansi and color-convert — small utilities buried deep in the dependency trees of countless projects. Together, these libraries are downloaded more than a billion times each week, meaning even developers who never installed them directly could be exposed.

NPM is like an app store for developers — a central library where they share and download small code packages to build JavaScript projects.

Attackers appear to have planted a crypto-clipper, a type of malware that silently replaces wallet addresses during transactions to divert funds.

Security researchers warned that users relying on software wallets may be especially vulnerable, while those confirming every transaction on a hardware wallet are protected.

Phishing emails gave attackers access to NPM maintainer accounts

Attackers sent emails posing as official NPM support, warning maintainers that their accounts would be locked unless they “updated” two-factor authentication by September 10.

The fake site captured login credentials, giving hackers control over a maintainer’s account. Once inside, the attackers pushed malicious updates to packages with billions of weekly downloads.

Charlie Eriksen, a researcher at Aikido Security, told BleepingComputer the attack was especially dangerous because it operated “at multiple layers: altering content shown on websites, tampering with API calls, and manipulating what users’ apps believe they are signing.”

JavaScript, Hackers
Phishing email sent to JavaScript developers on Monday. Source: Github/Burnett01

This is a developing story, and further information will be added as it becomes available.

Magazine: Inside a 30,000 phone bot farm stealing crypto airdrops from real users



Source link

Tags: attackCoreCryptoStealingInjectsJavaScriptLibrariesMalwareNPM
ShareTweetShare
Previous Post

Signet (SIG) remains well-positioned for its all-important season, here’s why

Next Post

5 Dividend “Rules” That Don’t Hold Up in 2025

Related Posts

edit post
Trump Media And Crypto.Com Unveil Predictions Market Partnership

Trump Media And Crypto.Com Unveil Predictions Market Partnership

by TheAdviserMagazine
October 29, 2025
0

Trusted Editorial content, reviewed by leading industry experts and seasoned editors. Ad Disclosure President Donald Trump’s social media platform, Truth...

edit post
Bitcoin treasury company Sequans moves 970 BTC to Coinbase Prime

Bitcoin treasury company Sequans moves 970 BTC to Coinbase Prime

by TheAdviserMagazine
October 29, 2025
0

Key Takeaways French semiconductor firm Sequans Communications deposited 970 BTC worth $111 million on Coinbase Prime on Tuesday. The company...

edit post
Can Solana handle 100M Western Union users sending dollar tokens worldwide?

Can Solana handle 100M Western Union users sending dollar tokens worldwide?

by TheAdviserMagazine
October 28, 2025
0

Western Union will distribute a Solana-based stablecoin to its 100 million-plus customers starting in the first half of 2026, pairing...

edit post
Trump Insider Whale Reloads 0M Long on BTC, ETH Ahead of Tomorrow’s Fed Rate Cut Decision

Trump Insider Whale Reloads $430M Long on BTC, ETH Ahead of Tomorrow’s Fed Rate Cut Decision

by TheAdviserMagazine
October 28, 2025
0

The “Trump Insider whale” has reportedly opened a $430 million long position in Bitcoin and Ethereum. This comes ahead of...

edit post
Dogecoin Price Hasn’t Begun Its 3rd Wave Yet, ATH Above alt=

Dogecoin Price Hasn’t Begun Its 3rd Wave Yet, ATH Above $0.8 Still In The Cards

by TheAdviserMagazine
October 28, 2025
0

The recent Dogecoin market action has seen its price now hovering below $0.20 after surging to $0.208 in the past...

edit post
Bitcoin Miner Terawulf Secures 25-Year AI Compute Contract Worth .5B

Bitcoin Miner Terawulf Secures 25-Year AI Compute Contract Worth $9.5B

by TheAdviserMagazine
October 28, 2025
0

Terawulf has inked a 25-year joint venture with Fluidstack to build a 168-megawatt (MW) high-performance computing (HPC) facility in Abernathy,...

Next Post
edit post
5 Dividend “Rules” That Don’t Hold Up in 2025

5 Dividend “Rules” That Don’t Hold Up in 2025

edit post
10 Portfolio Rebalancing Mistakes Investors Keep Repeating

10 Portfolio Rebalancing Mistakes Investors Keep Repeating

  • Trending
  • Comments
  • Latest
edit post
77-year-old popular furniture retailer closes store locations

77-year-old popular furniture retailer closes store locations

October 18, 2025
edit post
Pennsylvania House of Representatives Rejects Update to Child Custody Laws

Pennsylvania House of Representatives Rejects Update to Child Custody Laws

October 7, 2025
edit post
What to Do When a Loved One Dies in North Carolina

What to Do When a Loved One Dies in North Carolina

October 8, 2025
edit post
Another Violent Outburst – Democrats Inciting Civil Unrest

Another Violent Outburst – Democrats Inciting Civil Unrest

October 24, 2025
edit post
Probate vs. Non-Probate Assets: What’s the Difference?

Probate vs. Non-Probate Assets: What’s the Difference?

October 17, 2025
edit post
California Attorney Pleads Guilty For Role In 2M Ponzi Scheme

California Attorney Pleads Guilty For Role In $912M Ponzi Scheme

October 15, 2025
edit post
Key highlights from Electronic Arts’ (EA) Q2 2026 earnings results

Key highlights from Electronic Arts’ (EA) Q2 2026 earnings results

0
edit post
Israel’s tech sector shrinks amid AI uncertainties

Israel’s tech sector shrinks amid AI uncertainties

0
edit post
VF Corp tops Q2 forecast on strong back-to-school, wholesale demand

VF Corp tops Q2 forecast on strong back-to-school, wholesale demand

0
edit post
Now He’s Saying to Buy

Now He’s Saying to Buy

0
edit post
The Trump Administration Is Lying Us Into Another War

The Trump Administration Is Lying Us Into Another War

0
edit post
Ferrari Launches NFT Car Collection – Receives Massive Criticism

Ferrari Launches NFT Car Collection – Receives Massive Criticism

0
edit post
VF Corp tops Q2 forecast on strong back-to-school, wholesale demand

VF Corp tops Q2 forecast on strong back-to-school, wholesale demand

October 29, 2025
edit post
Israel’s tech sector shrinks amid AI uncertainties

Israel’s tech sector shrinks amid AI uncertainties

October 29, 2025
edit post
The Trump Administration Is Lying Us Into Another War

The Trump Administration Is Lying Us Into Another War

October 29, 2025
edit post
Extending Inherited IRA Distributions Beyond 10 Years By Naming Intentionally Non-Designated Beneficiaries

Extending Inherited IRA Distributions Beyond 10 Years By Naming Intentionally Non-Designated Beneficiaries

October 29, 2025
edit post
Now He’s Saying to Buy

Now He’s Saying to Buy

October 29, 2025
edit post
Akasa Air will look at IPO in next 2-5 years, says CEO Vinay Dube

Akasa Air will look at IPO in next 2-5 years, says CEO Vinay Dube

October 29, 2025
The Adviser Magazine

The first and only national digital and print magazine that connects individuals, families, and businesses to Fee-Only financial advisers, accountants, attorneys and college guidance counselors.

CATEGORIES

  • 401k Plans
  • Business
  • College
  • Cryptocurrency
  • Economy
  • Estate Plans
  • Financial Planning
  • Investing
  • IRS & Taxes
  • Legal
  • Market Analysis
  • Markets
  • Medicare
  • Money
  • Personal Finance
  • Social Security
  • Startups
  • Stock Market
  • Trading

LATEST UPDATES

  • VF Corp tops Q2 forecast on strong back-to-school, wholesale demand
  • Israel’s tech sector shrinks amid AI uncertainties
  • The Trump Administration Is Lying Us Into Another War
  • Our Great Privacy Policy
  • Terms of Use, Legal Notices & Disclosures
  • Contact us
  • About Us

© Copyright 2024 All Rights Reserved
See articles for original source and related links to external sites.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Home
  • Financial Planning
    • Financial Planning
    • Personal Finance
  • Market Research
    • Business
    • Investing
    • Money
    • Economy
    • Markets
    • Stocks
    • Trading
  • 401k Plans
  • College
  • IRS & Taxes
  • Estate Plans
  • Social Security
  • Medicare
  • Legal

© Copyright 2024 All Rights Reserved
See articles for original source and related links to external sites.