No Result
View All Result
SUBMIT YOUR ARTICLES
  • Login
Monday, October 27, 2025
TheAdviserMagazine.com
  • Home
  • Financial Planning
    • Financial Planning
    • Personal Finance
  • Market Research
    • Business
    • Investing
    • Money
    • Economy
    • Markets
    • Stocks
    • Trading
  • 401k Plans
  • College
  • IRS & Taxes
  • Estate Plans
  • Social Security
  • Medicare
  • Legal
  • Home
  • Financial Planning
    • Financial Planning
    • Personal Finance
  • Market Research
    • Business
    • Investing
    • Money
    • Economy
    • Markets
    • Stocks
    • Trading
  • 401k Plans
  • College
  • IRS & Taxes
  • Estate Plans
  • Social Security
  • Medicare
  • Legal
No Result
View All Result
TheAdviserMagazine.com
No Result
View All Result
Home Market Research Cryptocurrency

NPM Attack Injects Crypto-Stealing Malware Into Core JavaScript Libraries

by TheAdviserMagazine
2 months ago
in Cryptocurrency
Reading Time: 2 mins read
A A
NPM Attack Injects Crypto-Stealing Malware Into Core JavaScript Libraries
Share on FacebookShare on TwitterShare on LInkedIn


Hackers have compromised widely used JavaScript software libraries in what’s being called the largest supply chain attack in history. The injected malware is reportedly designed to steal crypto by swapping wallet addresses and intercepting transactions.

According to several reports on Monday, hackers broke into the node package manager (NPM) account of a well-known developer and secretly added malware to popular JavaScript libraries used by millions of apps.

The malicious code swaps or hijacks crypto wallet addresses, potentially putting many projects at risk.

“There’s a large-scale supply chain attack in progress: the NPM account of a reputable developer has been compromised,” Ledger Chief Technology Officer Charles Guillemet warned on Monday. “The affected packages have already been downloaded over 1 billion times, meaning the entire JavaScript ecosystem may be at risk.”

Source: Minal Thukral

The breach targeted packages such as chalk, strip-ansi and color-convert — small utilities buried deep in the dependency trees of countless projects. Together, these libraries are downloaded more than a billion times each week, meaning even developers who never installed them directly could be exposed.

NPM is like an app store for developers — a central library where they share and download small code packages to build JavaScript projects.

Attackers appear to have planted a crypto-clipper, a type of malware that silently replaces wallet addresses during transactions to divert funds.

Security researchers warned that users relying on software wallets may be especially vulnerable, while those confirming every transaction on a hardware wallet are protected.

Phishing emails gave attackers access to NPM maintainer accounts

Attackers sent emails posing as official NPM support, warning maintainers that their accounts would be locked unless they “updated” two-factor authentication by September 10.

The fake site captured login credentials, giving hackers control over a maintainer’s account. Once inside, the attackers pushed malicious updates to packages with billions of weekly downloads.

Charlie Eriksen, a researcher at Aikido Security, told BleepingComputer the attack was especially dangerous because it operated “at multiple layers: altering content shown on websites, tampering with API calls, and manipulating what users’ apps believe they are signing.”

JavaScript, Hackers
Phishing email sent to JavaScript developers on Monday. Source: Github/Burnett01

This is a developing story, and further information will be added as it becomes available.

Magazine: Inside a 30,000 phone bot farm stealing crypto airdrops from real users



Source link

Tags: attackCoreCryptoStealingInjectsJavaScriptLibrariesMalwareNPM
ShareTweetShare
Previous Post

Signet (SIG) remains well-positioned for its all-important season, here’s why

Next Post

5 Dividend “Rules” That Don’t Hold Up in 2025

Related Posts

edit post
Shiba Inu Hides A 2,000% End-Cycle Breakout, Analyst Predicts

Shiba Inu Hides A 2,000% End-Cycle Breakout, Analyst Predicts

by TheAdviserMagazine
October 27, 2025
0

Popular technician Charting Guy (@ChartingGuy) calls Shiba Inu “weak and choppy” and suggests the token may not break out until...

edit post
HTX Research Report Spotlights SunPerp as the Breakout Player in the 2025 Perpetual DEX Boom

HTX Research Report Spotlights SunPerp as the Breakout Player in the 2025 Perpetual DEX Boom

by TheAdviserMagazine
October 27, 2025
0

This content is provided by a sponsor. PRESS RELEASE. Panama City, October 27, 2025 — HTX Research, the dedicated research...

edit post
What Happens When You Don’t Report Your Crypto Taxes to the IRS

What Happens When You Don’t Report Your Crypto Taxes to the IRS

by TheAdviserMagazine
October 27, 2025
0

Key takeawaysTax authorities like the IRS, HMRC and ATO classify crypto as a capital asset, meaning that sales, trades and...

edit post
US And China Signal Progress In Kuala Lumpur; Crypto Traders Take Notice

US And China Signal Progress In Kuala Lumpur; Crypto Traders Take Notice

by TheAdviserMagazine
October 26, 2025
0

Trusted Editorial content, reviewed by leading industry experts and seasoned editors. Ad Disclosure The United States and China wrapped up...

edit post
SharpLink Gaming Withdraws M Ethereum, Boosts Supercycle

SharpLink Gaming Withdraws $78M Ethereum, Boosts Supercycle

by TheAdviserMagazine
October 26, 2025
0

Ethereum’s fundamentals continue to strengthen as major investors and analysts signal renewed confidence in the asset. Institutional investors like SharpLink...

edit post
Decentralized exchanges surpass  trillion monthly volume as volatility spikes

Decentralized exchanges surpass $1 trillion monthly volume as volatility spikes

by TheAdviserMagazine
October 26, 2025
0

Perpetual decentralized exchanges (perp DEXes) registered $1.049 trillion in monthly volume as of Oct. 24, marking the first time on-chain...

Next Post
edit post
5 Dividend “Rules” That Don’t Hold Up in 2025

5 Dividend “Rules” That Don’t Hold Up in 2025

edit post
10 Portfolio Rebalancing Mistakes Investors Keep Repeating

10 Portfolio Rebalancing Mistakes Investors Keep Repeating

  • Trending
  • Comments
  • Latest
edit post
77-year-old popular furniture retailer closes store locations

77-year-old popular furniture retailer closes store locations

October 18, 2025
edit post
Pennsylvania House of Representatives Rejects Update to Child Custody Laws

Pennsylvania House of Representatives Rejects Update to Child Custody Laws

October 7, 2025
edit post
What to Do When a Loved One Dies in North Carolina

What to Do When a Loved One Dies in North Carolina

October 8, 2025
edit post
Another Violent Outburst – Democrats Inciting Civil Unrest

Another Violent Outburst – Democrats Inciting Civil Unrest

October 24, 2025
edit post
Probate vs. Non-Probate Assets: What’s the Difference?

Probate vs. Non-Probate Assets: What’s the Difference?

October 17, 2025
edit post
California Attorney Pleads Guilty For Role In 2M Ponzi Scheme

California Attorney Pleads Guilty For Role In $912M Ponzi Scheme

October 15, 2025
edit post
9 Things Retirees Should Stop Buying, According to Financial Experts

9 Things Retirees Should Stop Buying, According to Financial Experts

0
edit post
A Mind-Blowing Way of Looking at Math (with David Bessis)

A Mind-Blowing Way of Looking at Math (with David Bessis)

0
edit post
Adani Energy Q2 Results: Cons profit falls 21% YoY to Rs 534 crore, revenue rises 7%

Adani Energy Q2 Results: Cons profit falls 21% YoY to Rs 534 crore, revenue rises 7%

0
edit post
Shiba Inu Hides A 2,000% End-Cycle Breakout, Analyst Predicts

Shiba Inu Hides A 2,000% End-Cycle Breakout, Analyst Predicts

0
edit post
How Wage Increases Compare to Inflation, According to Workers

How Wage Increases Compare to Inflation, According to Workers

0
edit post
Alphabet: Chart-Setup deutet auf dynamische Trendfortsetzung hin!

Alphabet: Chart-Setup deutet auf dynamische Trendfortsetzung hin!

0
edit post
9 Things Retirees Should Stop Buying, According to Financial Experts

9 Things Retirees Should Stop Buying, According to Financial Experts

October 27, 2025
edit post
Shiba Inu Hides A 2,000% End-Cycle Breakout, Analyst Predicts

Shiba Inu Hides A 2,000% End-Cycle Breakout, Analyst Predicts

October 27, 2025
edit post
Nobel prize winner says Venezuela has a ‘unique’ .7 trillion opportunity to privatize its companies and reverse socialist ‘disaster’

Nobel prize winner says Venezuela has a ‘unique’ $1.7 trillion opportunity to privatize its companies and reverse socialist ‘disaster’

October 27, 2025
edit post
Bessent lists Fed chair finalists, Trump says decision by end of year

Bessent lists Fed chair finalists, Trump says decision by end of year

October 27, 2025
edit post
How Wage Increases Compare to Inflation, According to Workers

How Wage Increases Compare to Inflation, According to Workers

October 27, 2025
edit post
Medtronic Jerusalem unit to lay off 60 employees

Medtronic Jerusalem unit to lay off 60 employees

October 27, 2025
The Adviser Magazine

The first and only national digital and print magazine that connects individuals, families, and businesses to Fee-Only financial advisers, accountants, attorneys and college guidance counselors.

CATEGORIES

  • 401k Plans
  • Business
  • College
  • Cryptocurrency
  • Economy
  • Estate Plans
  • Financial Planning
  • Investing
  • IRS & Taxes
  • Legal
  • Market Analysis
  • Markets
  • Medicare
  • Money
  • Personal Finance
  • Social Security
  • Startups
  • Stock Market
  • Trading

LATEST UPDATES

  • 9 Things Retirees Should Stop Buying, According to Financial Experts
  • Shiba Inu Hides A 2,000% End-Cycle Breakout, Analyst Predicts
  • Nobel prize winner says Venezuela has a ‘unique’ $1.7 trillion opportunity to privatize its companies and reverse socialist ‘disaster’
  • Our Great Privacy Policy
  • Terms of Use, Legal Notices & Disclosures
  • Contact us
  • About Us

© Copyright 2024 All Rights Reserved
See articles for original source and related links to external sites.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Home
  • Financial Planning
    • Financial Planning
    • Personal Finance
  • Market Research
    • Business
    • Investing
    • Money
    • Economy
    • Markets
    • Stocks
    • Trading
  • 401k Plans
  • College
  • IRS & Taxes
  • Estate Plans
  • Social Security
  • Medicare
  • Legal

© Copyright 2024 All Rights Reserved
See articles for original source and related links to external sites.