Watch Out: Virus Detected in Software Downloaded Over 1 Billion Times, Theft Alert for Cryptocurrency Owners
Ledger's CTO, Charles Guillemet, warned of a large-scale cyberattack that could directly impact the cryptocurrency market.
“A respected developer's NPM account was compromised, and packages distributed through that account have been downloaded over 1 billion times. This puts the entire JavaScript ecosystem at risk,” Guillemet said.
According to details of the attack, the malware attempts to steal users' funds by silently changing crypto addresses. This method, known as a “crypto-clipper,” specifically targets software wallet users.
Guillemet argued that hardware wallet users are safe if they carefully check addresses before signing transactions, but software wallet users should avoid on-chain transactions for now. It's also unclear whether attackers are directly stealing seed phrases from software wallets.
Here are some suggestions for developers:
- Fix the error-ex package to version 1.3.2 (using the overrides property in package.json).
- Prefer npm ci command instead of npm install in your build processes.
- Be sure to check the addresses before making any transactions.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Cobie: Long-term trading
Crypto Twitter doesn't want to hear "get rich in ten years" stories. But that might actually be the only truly viable way.
The central bank sets a major tone on stablecoins for the first time—where will the market go from here?
This statement will not directly affect the Hong Kong stablecoin market, but it will have an indirect impact, as mainland institutions will enter the Hong Kong stablecoin market more cautiously and low-key.
Charlie Munger's Final Years: Bold Investments at 99, Supporting Young Neighbors to Build a Real Estate Empire
A few days before his death, Munger asked his family to leave the hospital room so he could make one last call to Buffett. The two legendary partners then bid their final farewell.
Stacks Nakamoto Upgrade
STX has never missed out on market speculation surrounding the BTC ecosystem, but previous hype was more like "castles in the air" without a solid foundation. After the Nakamoto upgrade, Stacks will provide the market with higher expectations through improved performance and sBTC.
Trending news
MoreCrypto prices
More
