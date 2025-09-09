Not Even $50 Of Crypto Stolen From Large-Scale NPM Attack

By: BitcoinEthereumNews
2025/09/09 20:32

Hackers have only managed to steal $50 worth of crypto from a massive supply chain hack affecting JavaScript software libraries, industry security researchers say.

Crypto intelligence platform Security Alliance shared the findings on Monday after hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries that have already been downloaded over 1 billion times, potentially putting countless crypto projects at risk. Ethereum and Solana wallets were specifically targeted, Security Alliance said.

Fortunately, less than $50 has been stolen from the crypto space so far, the security firm said, identifying the Ethereum wallet address “0xFc4a48” as what it believes to be the only malicious address so far. It posted further details on X.

[Embedded X post; source: Security Alliance]

“The hacker didn’t fully capitalize on the amount of access they had. It’s like finding the keycard to Fort Knox and using it as a bookmark. The malware was widespread but at this point is nearly completely neutralized,” pseudonymous SEAL security researcher Samczsun told Cointelegraph in a separate comment.

The $50 figure was, however, bumped up from five cents a few hours earlier, suggesting the potential damage may still be unfolding.

ETH, memecoin among small amount of crypto stolen

The five cents stolen were in Ether (ETH) while another $20 worth of a memecoin was compromised, Security Alliance said.

Etherscan data shows the malicious address has received Brett (BRETT), Andy (ANDY), Dork Lord (DORK), Ethervista (VISTA), and Gondola (GONDOLA) memecoins so far.

Crypto projects that never installed the packages directly are still at risk

The breach targeted packages such as chalk, strip-ansi, and color-convert: small utilities buried deep in the dependency trees of countless projects. Even developers who never installed them directly could be exposed, because a package they did install may pull them in as a transitive dependency.

NPM is like an app store for developers — a central library where they share and download small code packages to build JavaScript projects.
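Because the affected packages usually arrive indirectly, the first question for a project is not "did we add chalk?" but "does anything in our lockfile resolve to it?". The script below is an added example (not code from the article or from any of the projects it mentions) that walks a package-lock.json and reports every installed copy of the named packages, including transitive ones. The package names come from the article; the lockfile contents, the "some-cli" dependency, the versions and the paths are constructed for the example. It reports versions rather than judging them, since the article does not list the compromised version numbers; compare the output against the maintainers' advisories.

```javascript
// Added example, not code from the article or from any of the packages it names.
// Lists every installed copy of the watched packages in a package-lock.json,
// including copies nested under other dependencies.

// Package names taken from the article.
const WATCHLIST = ["chalk", "strip-ansi", "color-convert"];

// lockfileVersion 2/3 keeps a flat "packages" map keyed by install path, e.g.
// "node_modules/some-cli/node_modules/chalk". lockfileVersion 1 nests a
// "dependencies" tree instead. Both shapes are handled here.
function findPackages(lock, names = WATCHLIST) {
  const wanted = new Set(names);
  const hits = [];

  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (!path) continue; // "" is the root project entry, not a dependency
      const segments = path.split("node_modules/");
      const name = segments[segments.length - 1]; // keeps "@scope/name" intact
      if (wanted.has(name)) {
        hits.push({
          name,
          version: meta.version,
          path,
          transitive: segments.length > 2, // nested under another package
        });
      }
    }
    return hits;
  }

  // lockfileVersion 1: recurse through nested "dependencies" objects.
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      if (wanted.has(name)) {
        hits.push({ name, version: meta.version, path, transitive: prefix !== "" });
      }
      walk(meta.dependencies, `${path}/`);
    }
  };
  walk(lock.dependencies, "");
  return hits;
}

// Read and audit a lockfile from disk (Node only; fs is required lazily so the
// rest of the module also works where require() is unavailable).
function auditLockfile(file, names = WATCHLIST) {
  const fs = require("fs");
  return findPackages(JSON.parse(fs.readFileSync(file, "utf8")), names);
}

// Constructed sample lockfile (v3 shape). The app lists only a hypothetical
// "some-cli"; chalk arrives underneath it. Versions are made up for the example.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "my-dapp", dependencies: { "some-cli": "^1.0.0" } },
    "node_modules/some-cli": { version: "1.0.0", dependencies: { chalk: "^5.0.0" } },
    "node_modules/some-cli/node_modules/chalk": { version: "5.9.9" },
    "node_modules/strip-ansi": { version: "7.0.0" },
    "node_modules/left-pad": { version: "1.3.0" },
  },
};

if (typeof require !== "undefined" && require.main === module) {
  // Usage: node audit-lock.js [path/to/package-lock.json]
  const hits = process.argv[2] ? auditLockfile(process.argv[2]) : findPackages(SAMPLE_LOCK);
  for (const h of hits) {
    console.log(`${h.name}@${h.version}  ${h.path}${h.transitive ? "  (transitive)" : ""}`);
  }
}
```

Run it against a real lockfile with the path as the first argument; with no argument it audits the constructed sample and reports chalk (transitive, under some-cli) and strip-ansi (direct). A clean npm ls output is not sufficient on its own, because npm ls only shows what the lockfile says was installed, so keep the lockfile and the node_modules tree in sync before trusting either.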


The attackers appear to have planted a crypto-clipper, a type of malware that silently rewrites the recipient wallet address in a transaction before it is signed, so that funds the user meant to send elsewhere are diverted to the attacker.

Ledger chief technology officer Charles Guillemet was among many who have urged crypto users to proceed with caution when confirming onchain transactions.
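To make the clipper mechanism and Guillemet's advice concrete, here is an added example (not code from the article, from any of the compromised packages, or from any wallet vendor named here) that models both halves: a hostile script in the page wrapping the injected wallet provider and swapping the recipient in flight, and a confirmation step on the wallet side that compares the recipient it is about to sign against the one the user intended. The two addresses are constructed placeholders, not the address from the article, and the provider is a synchronous stand-in for an EIP-1193-style request() API (an assumed shape; real providers are asynchronous).

```javascript
// Added example, not code from the article or from any package or wallet it names.
// Models a recipient-swapping clipper and the confirmation check that defeats it.

const INTENDED_RECIPIENT = "0x1111111111111111111111111111111111111111"; // constructed
const ATTACKER_ADDRESS = "0x2222222222222222222222222222222222222222";   // constructed, not the article's address

// Wallet side. confirm(tx) stands in for the wallet's confirmation screen: it
// sees the transaction exactly as it will be signed, after any tampering in
// the page, which is why checking the recipient there (or on a hardware
// wallet's own display) catches the swap.
function makeWallet(confirm) {
  const sent = [];
  return {
    sent,
    request({ method, params }) {
      if (method !== "eth_sendTransaction") throw new Error(`unsupported method: ${method}`);
      const tx = params[0];
      if (!confirm(tx)) throw new Error("rejected by user");
      sent.push(tx);
      return "0x" + "ab".repeat(32); // placeholder transaction hash
    },
  };
}

// Dapp side: the site's own checkout code, built with the recipient the user chose.
function sendPayment(provider, to, valueWei) {
  return provider.request({
    method: "eth_sendTransaction",
    params: [{ to, value: "0x" + valueWei.toString(16) }],
  });
}

// Clipper: what a hostile transitive dependency running in the page can do.
// The injected provider object lives in the page's JavaScript realm, so any
// script loaded there can wrap its methods and rewrite the recipient.
function installClipper(provider, attacker = ATTACKER_ADDRESS) {
  const original = provider.request.bind(provider);
  provider.request = (args) => {
    if (args.method === "eth_sendTransaction" && args.params && args.params[0]) {
      const [tx, ...rest] = args.params;
      return original({ ...args, params: [{ ...tx, to: attacker }, ...rest] });
    }
    return original(args);
  };
}

// Two user behaviours at the confirmation prompt.
const approveBlindly = () => true;
const approveOnlyIfRecipientIs = (expected) => (tx) =>
  typeof tx.to === "string" && tx.to.toLowerCase() === expected.toLowerCase();

// Send one payment through a clipped provider under a given confirmation policy.
function runScenario(confirm) {
  const wallet = makeWallet(confirm);
  installClipper(wallet);
  try {
    sendPayment(wallet, INTENDED_RECIPIENT, 1000n);
    return { sent: true, recipient: wallet.sent[0].to };
  } catch (err) {
    return { sent: false, reason: err.message };
  }
}

if (typeof require !== "undefined" && require.main === module) {
  console.log("blind approval:  ", runScenario(approveBlindly));
  console.log("recipient check: ", runScenario(approveOnlyIfRecipientIs(INTENDED_RECIPIENT)));
}
```

With blind approval the payment goes through to the attacker address; with the recipient check the wallet refuses to sign. The point the example makes is that the page, including every library bundled into it, is untrusted once a dependency is compromised, so the only comparison that counts is the one made on a display the page cannot touch: the wallet extension's prompt or the hardware wallet's screen.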

Ledger, MetaMask among crypto apps not affected

Crypto wallet providers Ledger and MetaMask marked their platforms as safe from the NPM attack — pointing to “multiple layers of defense” to protect against such attacks.

The team behind Phantom Wallet said it doesn’t use any vulnerable versions of the affected packages, while Uniswap noted that none of its apps are at risk.

Aerodrome, Blast, Blockstream Jade and Revoke.cash were among the other crypto platforms that said they were unaffected by the supply chain attack.

[Embedded X post; source: MetaMask]

You won’t be instantly drained, crypto founder says

0xngmi, the pseudonymous founder of crypto analytics platform DefiLlama, said, however, that only crypto projects that updated after the malware-infected NPM packages were published may be at risk. Even then, users must approve the malicious transaction for it to work.

Like Guillemet, though, he said it may be safer to avoid using crypto websites until the developers behind those platforms have cleaned up the bad packages.


Source: https://cointelegraph.com/news/large-scale-npm-attack-compromised-less-50-dollars?utm_source=rss_feed&utm_medium=feed&utm_campaign=rss_partner_inbound
