PSA warning: caveat emptor crypto traders

pmbug

pmbug

Well-Known Member
There’s a large-scale supply chain attack in progress: the NPM account of a reputable developer has been compromised. The affected packages have already been downloaded over 1 billion times, meaning the entire JavaScript ecosystem may be at risk.

The malicious payload works by silently swapping crypto addresses on the fly to steal funds.

If you use a hardware wallet, pay attention to every transaction before signing and you're safe.

If you don’t use a hardware wallet, refrain from making any on-chain transactions for now.

It’s still unclear whether the attacker is also stealing seeds from software wallets directly at this stage.
Click to expand...

https://x.com/P3b7_/status/1965094840959410230

Wow! The entire crypto space (ie. just about every browser based wallet, extension or website) may be at risk as JavaScript itself suffers a hack injecting malicious code designed to hijack transactions for Bitcoin (BTC), Ethereum (ETH), Solana (SOL), Tron (TRX), Litecoin (LTC), and Bitcoin Cash (BCH).
 
Update on the NPM attack: The attack fortunately failed, with almost no victims.

It began with a phishing email from a fake npm support domain that stole credentials and gave attackers access to publish malicious package updates. The injected code targeted web crypto activity, hooking into Ethereum, Solana and other chains to hijack transactions, and replacing wallet addresses directly in network responses.

The attackers’ mistakes caused crashes in CI/CD pipelines, which led to early detection and limited impact. Still, this is a clear reminder: if your funds sit in a software wallet or on an exchange, you’re one code execution away from losing everything. Supply chain compromises remain a powerful malware delivery vector, and we’re also seeing more targeted attacks emerge.

Hardware wallets are built to withstand these threats. Features like Clear Signing let you confirm exactly what’s happening, and Transaction Checks flag suspicious activity before it’s too late.

The immediate danger may have passed, but the threat hasn’t. Stay safe.
Click to expand...

https://x.com/P3b7_/status/1965336272550899932
 
pmbug said:
https://x.com/P3b7_/status/1965094840959410230

Wow! The entire crypto space (ie. just about every browser based wallet, extension or website) may be at risk as JavaScript itself suffers a hack injecting malicious code designed to hijack transactions for Bitcoin (BTC), Ethereum (ETH), Solana (SOL), Tron (TRX), Litecoin (LTC), and Bitcoin Cash (BCH).
Click to expand...
I heard about this. Not a big deal if you verify all addresses that you're receiving to on your hardware wallet.
 
You must log in or register to reply here.
Back
Top