Hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries, targeting crypto wallets. Hackers have only managed to steal $50 worth of crypto from a massive supply chain hack affecting JavaScript software libraries, industry security researchers say.Crypto intelligence platform Security Alliance shared the findings on Monday after hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries that have already been downloaded over 1 billion times, putting countless crypto projects at risk. Ethereum and Solana wallets were specifically targeted, Security Alliance said.Fortunately, less than $50 has been stolen from the crypto space so far, the security firm said, identifying Ethereum wallet address “0xFc4a48” as what it believes to be the only malicious address so far. It added on X: The $50 figure was, however, bumped up from 5 cents a few hours earlier, suggesting the potential damage may still be unfolding.The 5 cents stolen were in Ether (ETH) while another $20 worth of a memecoin was compromised, Security Alliance said. Etherscan data shows the malicious address has received Brett (BRETT), Andy (ANDY), Dork Lord (DORK), Ethervista (VISTA), and Gondola (GONDOLA) memecoins so far.Related: Pokémon cards will soon have their ‘Polymarket moment’ — BitwiseThe breach targeted packages such as chalk, strip-ansi, and color-convert — small utilities buried deep in the dependency trees in countless projects. Even devs who never installed them directly could be exposed.Read more Hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries, targeting crypto wallets. Hackers have only managed to steal $50 worth of crypto from a massive supply chain hack affecting JavaScript software libraries, industry security researchers say.Crypto intelligence platform Security Alliance shared the findings on Monday after hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries that have already been downloaded over 1 billion times, putting countless crypto projects at risk. Ethereum and Solana wallets were specifically targeted, Security Alliance said.Fortunately, less than $50 has been stolen from the crypto space so far, the security firm said, identifying Ethereum wallet address “0xFc4a48” as what it believes to be the only malicious address so far. It added on X: The $50 figure was, however, bumped up from 5 cents a few hours earlier, suggesting the potential damage may still be unfolding.The 5 cents stolen were in Ether (ETH) while another $20 worth of a memecoin was compromised, Security Alliance said. Etherscan data shows the malicious address has received Brett (BRETT), Andy (ANDY), Dork Lord (DORK), Ethervista (VISTA), and Gondola (GONDOLA) memecoins so far.Related: Pokémon cards will soon have their ‘Polymarket moment’ — BitwiseThe breach targeted packages such as chalk, strip-ansi, and color-convert — small utilities buried deep in the dependency trees in countless projects. Even devs who never installed them directly could be exposed.Read more

Largest npm attack in crypto history stole less than $50: SEAL

By: Coinstats

2025/09/09 06:31

VISTA$5.344+0.96%

MORE$0.01493-10.38%

MEMECOIN$0.0004303+5.07%

DEEP$0.085559+3.21%

NODE$0.07873+3.61%

Hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries, targeting crypto wallets.

Hackers have only managed to steal $50 worth of crypto from a massive supply chain hack affecting JavaScript software libraries, industry security researchers say.

Crypto intelligence platform Security Alliance shared the findings on Monday after hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries that have already been downloaded over 1 billion times, putting countless crypto projects at risk. Ethereum and Solana wallets were specifically targeted, Security Alliance said.

Fortunately, less than $50 has been stolen from the crypto space so far, the security firm said, identifying Ethereum wallet address “0xFc4a48” as what it believes to be the only malicious address so far. It added on X:

The $50 figure was, however, bumped up from 5 cents a few hours earlier, suggesting the potential damage may still be unfolding.

The 5 cents stolen were in Ether (ETH) while another $20 worth of a memecoin was compromised, Security Alliance said. Etherscan data shows the malicious address has received Brett (BRETT), Andy (ANDY), Dork Lord (DORK), Ethervista (VISTA), and Gondola (GONDOLA) memecoins so far.

Related: Pokémon cards will soon have their ‘Polymarket moment’ — Bitwise

The breach targeted packages such as chalk, strip-ansi, and color-convert — small utilities buried deep in the dependency trees in countless projects. Even devs who never installed them directly could be exposed.

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact [email protected] for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

Share Insights