SlowMist Detects 30 Malicious npm Packages Targeting Crypto Developers on July 1

MATH1.06%

According to security firm SlowMist, on July 1, researchers identified a coordinated npm supply chain attack involving 30 malicious packages disguised as trading bot repositories and DeFi tools. The attack targets npm users, DeFi developers, and trading bot users. One package, stake-math@3.5.4, appeared as a locked dependency in a repository that spawned approximately 2,300 nearly identical forked versions, primarily under the poly-stocks account.

The malicious packages are capable of stealing wallet libraries, browser cookies, saved passwords, browsing history, developer credentials, shell histories, password manager databases, private keys, seed phrases, and API tokens from source code. SlowMist recommended developers immediately remove affected packages and rotate all exposed credentials and keys.

Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.
Comment
0/400
No comments