Computer pirates have only managed to steal $ 50 cryptography of a massive of the supply chain that affects JavaScript software libraries, industry security researchers say.
Crypto Intelligence Platform Security Alliance shared the findings on Monday after the computer pirates broke into the Node Package Manager (NPM) account of a known software developer and added malware to the popular JavaScript libraries that have already been downloaded for a billion times, putting innumerable cryptographic projects. Ethereum and Solana wallets were specifically attacked, said Security Alliance.
Fortunately, until now less than $ 50 of the cryptographic space have been stolen, said the security firm, identifying the address of the Ethereum wallet “0xfc4a48” as what you think is the only malicious direction so far. It was added in X:
“Imagine this: it compromises the account of an NPM developer whose packages are downloaded more than 2 billion times per week. It could have access without restrictions on millions of developer work stations. The unlisted wealth awaits you. The world is your oyster. Less than 50 USD benefits.”
However, the $ 50 figure was increased by five cents a few hours earlier, suggesting that potential damage may still be developing.
The five stolen cents were in Ether (ETH), while another $ 20 in a Memecoin committed, said Security Alliance. Etherscan data shows that the malicious address has received Brett (Brett), Andy (Andy), Dork Lord (Dork), Ethervista (Vista) and Gondola (gondola) Memecoins so far.
Related: Pokémon cards will soon have their ‘polymercate moment’ – bitwise
The violation of packages directed as chalk, strip-ahsi and converted color, small profits buried in dependence trees in innumerable projects. Even developers who never installed them directly could be exposed.
NPM is like an application store for developers, a central library where they share and download small code packages to create JavaScript projects.
The attackers seem to have planted a crypto-corta, a type of malware that silently replaces the directions of the wallet during transactions to divert the funds.
Ledger’s director of Technology, Charles Guillemet, was among many of those who have urged cryptography users to proceed with caution when confirming chain transactions.
This is a development story, and more information will be added as available.
Magazine: ‘Accidental jailbreaks’ and chatgpt links to murder, suicide: ai eye