Hackers Carry Out The Largest NPM Attack In History
Hackers launched the largest NPM crypto attack in history and compromised 18 JavaScript packages with billions of downloads. However, they stole less than $50. The largest NPM crypto attack in history has been confirmed this week. However, despite how large it was, its outcome was surprisingly small. Despite affecting widely used JavaScript libraries downloaded billions of times, hackers were able to steal less than $50 worth of crypto. How Hackers Pulled Off the NPM Crypto Attack Hackers gained access to the Node Package Manager (NPM) account of a well-known developer, Josh Junon, also known as "qix." They used a phishing email that impersonated an official npmjs.com support address. The email urged Junon and other maintainers to update their two-factor authentication and threatened to lock accounts if they failed to comply. https://t.co/hB5oV2Ba7o — Security Alliance (@_SEAL_Org) September 8, 2025 Once Junon's account was compromised, attackers injected malware into 18 of his NPM packages. These included widely used libraries like chalk, strip-ansi, and debug, which, when combined, see more than 2.6 billion downloads every week. The malware worked as a crypto-clipper. It simply monitored Ethereum, Bitcoin, Solana, Tron, Litecoin and Bitcoin Cash wallet addresses. When a transaction was initiated, it simply replaced the destination address with an attacker-controlled address. Damage Limited to Less Than $50 According to blockchain security firm Security Alliance, the financial effect was minimal. The hacker(s)' Ethereum address, identified as "0xFc4a48", has received less than $50 in assets. Initial reports showed only five cents stolen in Ether. Later, around $20 worth of a memecoin was added. The wallet also received small amounts of tokens like Brett, Andy, Dork Lord, Ethervista and Gondola. This indicates that the attacker either failed to spread the malware widely enough or users quickly identified and blocked any suspicious transactions. Why the NPM Crypto Attack…
BitcoinEthereumNews2025/09/10 12:39