No Result
View All Result
SUBMIT YOUR ARTICLES
  • Login
Monday, October 6, 2025
TheAdviserMagazine.com
  • Home
  • Financial Planning
    • Financial Planning
    • Personal Finance
  • Market Research
    • Business
    • Investing
    • Money
    • Economy
    • Markets
    • Stocks
    • Trading
  • 401k Plans
  • College
  • IRS & Taxes
  • Estate Plans
  • Social Security
  • Medicare
  • Legal
  • Home
  • Financial Planning
    • Financial Planning
    • Personal Finance
  • Market Research
    • Business
    • Investing
    • Money
    • Economy
    • Markets
    • Stocks
    • Trading
  • 401k Plans
  • College
  • IRS & Taxes
  • Estate Plans
  • Social Security
  • Medicare
  • Legal
No Result
View All Result
TheAdviserMagazine.com
No Result
View All Result
Home Market Research Cryptocurrency

NPM Attack Injects Crypto-Stealing Malware Into Core JavaScript Libraries

by TheAdviserMagazine
4 weeks ago
in Cryptocurrency
Reading Time: 2 mins read
A A
NPM Attack Injects Crypto-Stealing Malware Into Core JavaScript Libraries
Share on FacebookShare on TwitterShare on LInkedIn


Hackers have compromised widely used JavaScript software libraries in what’s being called the largest supply chain attack in history. The injected malware is reportedly designed to steal crypto by swapping wallet addresses and intercepting transactions.

According to several reports on Monday, hackers broke into the node package manager (NPM) account of a well-known developer and secretly added malware to popular JavaScript libraries used by millions of apps.

The malicious code swaps or hijacks crypto wallet addresses, potentially putting many projects at risk.

“There’s a large-scale supply chain attack in progress: the NPM account of a reputable developer has been compromised,” Ledger Chief Technology Officer Charles Guillemet warned on Monday. “The affected packages have already been downloaded over 1 billion times, meaning the entire JavaScript ecosystem may be at risk.”

Source: Minal Thukral

The breach targeted packages such as chalk, strip-ansi and color-convert — small utilities buried deep in the dependency trees of countless projects. Together, these libraries are downloaded more than a billion times each week, meaning even developers who never installed them directly could be exposed.

NPM is like an app store for developers — a central library where they share and download small code packages to build JavaScript projects.

Attackers appear to have planted a crypto-clipper, a type of malware that silently replaces wallet addresses during transactions to divert funds.

Security researchers warned that users relying on software wallets may be especially vulnerable, while those confirming every transaction on a hardware wallet are protected.

Phishing emails gave attackers access to NPM maintainer accounts

Attackers sent emails posing as official NPM support, warning maintainers that their accounts would be locked unless they “updated” two-factor authentication by September 10.

The fake site captured login credentials, giving hackers control over a maintainer’s account. Once inside, the attackers pushed malicious updates to packages with billions of weekly downloads.

Charlie Eriksen, a researcher at Aikido Security, told BleepingComputer the attack was especially dangerous because it operated “at multiple layers: altering content shown on websites, tampering with API calls, and manipulating what users’ apps believe they are signing.”

JavaScript, Hackers
Phishing email sent to JavaScript developers on Monday. Source: Github/Burnett01

This is a developing story, and further information will be added as it becomes available.

Magazine: Inside a 30,000 phone bot farm stealing crypto airdrops from real users



Source link

Tags: attackCoreCryptoStealingInjectsJavaScriptLibrariesMalwareNPM
ShareTweetShare
Previous Post

Signet (SIG) remains well-positioned for its all-important season, here’s why

Next Post

5 Dividend “Rules” That Don’t Hold Up in 2025

Related Posts

edit post
Rekordwoche für Bitcoin: Beflügelt das Allzeithoch nun auch Bitcoin Hyper?

Rekordwoche für Bitcoin: Beflügelt das Allzeithoch nun auch Bitcoin Hyper?

by TheAdviserMagazine
October 6, 2025
0

Trusted Editorial content, reviewed by leading industry experts and seasoned editors. Ad Disclosure Bitcoin und andere Kryptowährungen erleben eine Rekordwoche...

edit post
Ethereum’s Price as Grayscale Launches Staking ETPs – ,331?

Ethereum’s Price as Grayscale Launches Staking ETPs – $7,331?

by TheAdviserMagazine
October 6, 2025
0

The Ethereum price continues to attract significant attention after reclaiming a crucial resistance level, reinforcing optimism in the broader crypto...

edit post
Are South Korean retail traders the only thing keeping Ethereum treasury companies alive?

Are South Korean retail traders the only thing keeping Ethereum treasury companies alive?

by TheAdviserMagazine
October 6, 2025
0

Ethereum’s ongoing underperformance against Bitcoin has reignited debate over what’s holding the asset up, and who’s really behind its demand.According...

edit post
Bitcoin’s 2021 Playbook Shows The Final Price Target For This Bull Cycle

Bitcoin’s 2021 Playbook Shows The Final Price Target For This Bull Cycle

by TheAdviserMagazine
October 6, 2025
0

While the Bitcoin price seems to have deviated completely from the four-year cycle that dictated the previous bull and bear...

edit post
Russia Rejects Anti-Dollar Claims as Putin Defends BRICS Trade Strategy

Russia Rejects Anti-Dollar Claims as Putin Defends BRICS Trade Strategy

by TheAdviserMagazine
October 5, 2025
0

Vladimir Putin underscored that Russia’s BRICS strategy targets collaboration, not confrontation, insisting the bloc’s dollar shift reflects necessity and a...

edit post
Stablecoin-Focused GENIUS Act Is Beginning of the End for Banks

Stablecoin-Focused GENIUS Act Is Beginning of the End for Banks

by TheAdviserMagazine
October 5, 2025
0

The stablecoin-focused GENIUS Act, which was enacted in July, will trigger an exodus of deposits from traditional bank accounts into...

Next Post
edit post
5 Dividend “Rules” That Don’t Hold Up in 2025

5 Dividend “Rules” That Don’t Hold Up in 2025

edit post
10 Portfolio Rebalancing Mistakes Investors Keep Repeating

10 Portfolio Rebalancing Mistakes Investors Keep Repeating

  • Trending
  • Comments
  • Latest
edit post
What Happens If a Spouse Dies Without a Will in North Carolina?

What Happens If a Spouse Dies Without a Will in North Carolina?

September 14, 2025
edit post
California May Reimplement Mask Mandates

California May Reimplement Mask Mandates

September 5, 2025
edit post
Does a Will Need to Be Notarized in North Carolina?

Does a Will Need to Be Notarized in North Carolina?

September 8, 2025
edit post
DACA recipients no longer eligible for Marketplace health insurance and subsidies

DACA recipients no longer eligible for Marketplace health insurance and subsidies

September 11, 2025
edit post
‘Quiet luxury’ is coming for the housing market, The Corcoran Group CEO says. It’s not just the Hamptons, Aspen, and Miami anymore

‘Quiet luxury’ is coming for the housing market, The Corcoran Group CEO says. It’s not just the Hamptons, Aspen, and Miami anymore

September 9, 2025
edit post
Tips to Apply for Mental Health SSDI Without Therapy

Tips to Apply for Mental Health SSDI Without Therapy

September 19, 2025
edit post
Novogratz’s Galaxy Digital launches retail app to rival Robinhood

Novogratz’s Galaxy Digital launches retail app to rival Robinhood

0
edit post
Halloween Stock Market Contest – Wall Street Survivor

Halloween Stock Market Contest – Wall Street Survivor

0
edit post
What is a bull market? Definition, examples, and investment strategies.

What is a bull market? Definition, examples, and investment strategies.

0
edit post
3 False Claims About Making a Mid-Career Switch to Higher Ed

3 False Claims About Making a Mid-Career Switch to Higher Ed

0
edit post
UK NHS Encourages First-Cousin Marriages

UK NHS Encourages First-Cousin Marriages

0
edit post
Rekordwoche für Bitcoin: Beflügelt das Allzeithoch nun auch Bitcoin Hyper?

Rekordwoche für Bitcoin: Beflügelt das Allzeithoch nun auch Bitcoin Hyper?

0
edit post
Novogratz’s Galaxy Digital launches retail app to rival Robinhood

Novogratz’s Galaxy Digital launches retail app to rival Robinhood

October 6, 2025
edit post
Halloween Stock Market Contest – Wall Street Survivor

Halloween Stock Market Contest – Wall Street Survivor

October 6, 2025
edit post
Rekordwoche für Bitcoin: Beflügelt das Allzeithoch nun auch Bitcoin Hyper?

Rekordwoche für Bitcoin: Beflügelt das Allzeithoch nun auch Bitcoin Hyper?

October 6, 2025
edit post
More Workers Push Back as Return-to-Office Mandates Intensify

More Workers Push Back as Return-to-Office Mandates Intensify

October 6, 2025
edit post
David Ellison says he’s confident Bari Weiss ‘will invigorate CBS News’ as new editor-in-chief

David Ellison says he’s confident Bari Weiss ‘will invigorate CBS News’ as new editor-in-chief

October 6, 2025
edit post
How to Hire Movers in Six Steps

How to Hire Movers in Six Steps

October 6, 2025
The Adviser Magazine

The first and only national digital and print magazine that connects individuals, families, and businesses to Fee-Only financial advisers, accountants, attorneys and college guidance counselors.

CATEGORIES

  • 401k Plans
  • Business
  • College
  • Cryptocurrency
  • Economy
  • Estate Plans
  • Financial Planning
  • Investing
  • IRS & Taxes
  • Legal
  • Market Analysis
  • Markets
  • Medicare
  • Money
  • Personal Finance
  • Social Security
  • Startups
  • Stock Market
  • Trading

LATEST UPDATES

  • Novogratz’s Galaxy Digital launches retail app to rival Robinhood
  • Halloween Stock Market Contest – Wall Street Survivor
  • Rekordwoche für Bitcoin: Beflügelt das Allzeithoch nun auch Bitcoin Hyper?
  • Our Great Privacy Policy
  • Terms of Use, Legal Notices & Disclosures
  • Contact us
  • About Us

© Copyright 2024 All Rights Reserved
See articles for original source and related links to external sites.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Home
  • Financial Planning
    • Financial Planning
    • Personal Finance
  • Market Research
    • Business
    • Investing
    • Money
    • Economy
    • Markets
    • Stocks
    • Trading
  • 401k Plans
  • College
  • IRS & Taxes
  • Estate Plans
  • Social Security
  • Medicare
  • Legal

© Copyright 2024 All Rights Reserved
See articles for original source and related links to external sites.