Risk Warning: Beware of illegal fundraising in the name of 'virtual currency' and 'blockchain'. — Five departments including the Banking and Insurance Regulatory Commission
Information
Discover
Search
Login
简中
繁中
English
日本語
한국어
ภาษาไทย
Tiếng Việt
BTC
ETH
HTX
SOL
BNB
View Market
The attacker behind the NPM developer account is suspected to have only made about $20.
8hours ago

According to CertiK Alert, developer Qix's NPM account was targeted by a phishing attack, with the attacker injecting malicious code into NPM. According to Security Alliance, the attacker appears to have only profited approximately $0.05 in ETH and $20 in Meme coins.

Earlier news, Ledger CTO Charles Guillemet wrote, "A large-scale supply chain attack is currently underway: the NPM account of a well-known developer has been compromised. The affected packages have been downloaded more than 1 billion times, which means that the entire JavaScript ecosystem may be at risk. The malicious code works by silently tampering with cryptocurrency addresses in the background to steal funds."

Source Link
Recommended Articles
When prediction markets encounter information explosion: Who is building the "Bloomberg Terminal" of the crypto world?
Lazy Money Management Guide | River Launches Limited-Time 40.8% APR Income Pool; Avantis LP Points Payout Tonight (September 9th)
RWA Weekly Report | Nasdaq is striving to launch tokenized securities trading; the US Senate's cryptocurrency market structure bill enters a new phase (September 3-9).
OKX Boost's First X Launch Project: Cost-Benefit Analysis and Subsequent Participation Strategies
Pro
Lazy Money Management Guide | River Launches Limited-Time 40.8% APR Income Pool; Avantis LP Points Payout Tonight (September 9th)
OKX Boost's First X Launch Project: Cost-Benefit Analysis and Subsequent Participation Strategies
OpenSea's new Odyssey: The last chance to "make money" before the coin is launched
Overnight, "supply chain attacks" dominated headlines: What happened? How can we mitigate the risks?
24-Hour Flash News
10minutes ago
Bitget Wallet launches an innovative stablecoin investment product with a long-term annualized return of 10%, supporting redemption within seconds
21minutes ago
Ledger CTO: NPM supply chain attack has been controlled and very few users were affected
27minutes ago
Bybit and Sygnum Partner to Launch Off-Chain Custody Solution to Strengthen the Security of Institutional Crypto Assets
an hour ago
BID briefly broke through $0.182, with a daily increase of over 118%.
an hour ago
One address has become Hyperliquid's biggest loser, with cumulative losses exceeding $40 million in recent months.
an hour ago
A whale address sold 20 million ENA in the past two weeks and deposited another 2 million to Binance today.
Important News
21minutes ago
Ledger CTO: NPM supply chain attack has been controlled and very few users were affected
an hour ago
BID briefly broke through $0.182, with a daily increase of over 118%.
an hour ago
One address has become Hyperliquid's biggest loser, with cumulative losses exceeding $40 million in recent months.
an hour ago
A whale address sold 20 million ENA in the past two weeks and deposited another 2 million to Binance today.
an hour ago
Nasdaq plans to subscribe to $50 million of Gemini shares in a private placement to support its IPO
an hour ago
0xSun: I have transferred some of my ETH long positions to altcoins and am optimistic about Eigen's potential for rebound.
Download Odaily App
Let Some People Understand Web3.0 First
IOS
Android