Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesEarnSquareMore
Bitget
News
Markets
NPM Worm Attack Hits 400+ Crypto Packages

NPM Worm Attack Hits 400+ Crypto Packages

CoinomediaCoinomedia2025/11/25 02:24
By:Ava NakamuraAva Nakamura

Over 400 NPM packages, including ENS and crypto libraries, were targeted by a worm-style attack stealing wallet keys and dev credentials.Key Crypto Libraries CompromisedWhat Developers Should Do Now

  • Over 400 NPM packages infected by a malicious worm
  • ENS and crypto libraries among the affected
  • Attackers stole wallet keys and developer credentials

In a significant security incident, more than 400 NPM packages have been compromised by a sophisticated worm-style attack. The breach affected numerous key crypto-related libraries, including those connected to the Ethereum Name Service (ENS), sending shockwaves across the blockchain developer community.

According to initial reports, the worm infiltrated the packages and silently stole sensitive data such as wallet private keys and developer credentials. This method of attack is especially dangerous as it spreads from one package to another, increasing its reach with every compromised dependency.

Key Crypto Libraries Compromised

Some of the impacted packages include vital libraries used by developers building on Ethereum and other blockchain networks. This includes packages related to ENS, a widely used decentralized domain service on Ethereum. These libraries are often integrated deep within larger projects, making the worm’s reach extensive and dangerous.

The attack highlights vulnerabilities in software supply chains, especially when developers rely on open-source packages without rigorous audits. Once a developer installs an infected package, their credentials and wallet data could be silently exfiltrated, putting both personal and project assets at risk.

What Developers Should Do Now

Security experts recommend that all developers using NPM, especially in Web3 or crypto-related projects, conduct immediate audits of their dependencies. Here are some steps to take:

  • Check for recent updates to any packages related to ENS or wallet functionality.
  • Review NPM package maintainers and verify the integrity of packages you depend on.
  • Rotate developer credentials and regenerate any wallet keys that may have been exposed.
  • Use security tools that monitor for malicious behavior in dependencies.

This incident serves as a stark reminder that even trusted package ecosystems like NPM can be vectors for large-scale attacks. Vigilance and quick action are crucial in minimizing damage and preventing future compromises.

0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Earn new token airdrops
Lock your assets and earn 10%+ APR
Lock now!

You may also like

DOGE drops by 0.22% as Government Efficiency Agency Faces Dissolution

- The Trump-era DOGE agency, dissolved 8 months early in Nov 2025, aimed to cut $2 trillion in federal spending but struggled with coordination and lacked legislative framework. - Despite Elon Musk's involvement and $335M in reported savings, DOGE's erratic operations and internal disputes led to its absorption into the Office of Personnel Management. - Legal challenges persist as former USAID staff seek transparency, while supporters argue its efficiency principles remain active despite the abrupt shutdow

Bitget-RWA2025/11/25 05:28
DOGE drops by 0.22% as Government Efficiency Agency Faces Dissolution

LUNA Drops 0.27% as Stablecoin Market Cap Continues to Fall

- LUNA fell 0.27% in 24 hours to $0.0733, showing a 82.3% annual decline amid broader bearish trends. - Stablecoin market cap dropped to $3028.37B (-0.33% weekly), marking its largest monthly decline since 2022's LUNA collapse. - Analysts link LUNA's struggles to waning investor trust in algorithmic stablecoins and heightened regulatory scrutiny. - Market shifts favor fully collateralized stablecoins, pressuring complex mechanisms like LUNA's hybrid model.

Bitget-RWA2025/11/25 05:28
LUNA Drops 0.27% as Stablecoin Market Cap Continues to Fall

ZEC rose by 0.18% on November 25 as a result of short-selling fluctuations and portfolio rebalancing

- ZEC rose 0.18% on Nov 25 despite a 20.61% weekly decline, surging 825.18% annually amid volatile short-position liquidations. - A top short trader lost $2.78M after 31 liquidations as BTC/SOL prices spiked, reducing their BTC short exposure by 47%. - The "Top ZEC Short" opened a $3.48M MON short at $0.032, while the largest MON long faces liquidation at $0.0248. - Market dynamics highlight ZEC's role as a short-term confidence barometer, with institutional short-covering rallies under bearish pressure.

Bitget-RWA2025/11/25 05:28
ZEC rose by 0.18% on November 25 as a result of short-selling fluctuations and portfolio rebalancing

Bitcoin Updates: Senate Deadlock Over CLARITY Act Triggers Volatility in Crypto Markets

- Bitcoin fell below $82,000, losing $1 trillion in value due to macroeconomic risks and stalled U.S. crypto regulation (CLARITY Act). - Federal Reserve's delayed rate cuts and political gridlock over CLARITY Act deepened uncertainty, eroding market confidence. - Firms introduced leveraged tools and AI staking to navigate volatility, highlighting sector resilience amid leverage risks. - Deutsche Bank warned Bitcoin's 46% Nasdaq correlation weakens its value proposition, while political crypto advocacy grow

Bitget-RWA2025/11/25 05:20
Bitcoin Updates: Senate Deadlock Over CLARITY Act Triggers Volatility in Crypto Markets

Trending news

More
1

DOGE drops by 0.22% as Government Efficiency Agency Faces Dissolution

2

LUNA Drops 0.27% as Stablecoin Market Cap Continues to Fall

Crypto prices

More
Bitcoin
Bitcoin
BTC
$88,081.49
+0.48%
Ethereum
Ethereum
ETH
$2,930.23
+1.71%
Tether USDt
Tether USDt
USDT
$0.9997
-0.01%
XRP
XRP
XRP
$2.25
+7.11%
BNB
BNB
BNB
$862.88
+0.75%
Solana
Solana
SOL
$138.29
+3.61%
USDC
USDC
USDC
$0.9998
-0.00%
TRON
TRON
TRX
$0.2727
-1.70%
Dogecoin
Dogecoin
DOGE
$0.1515
+2.00%
Cardano
Cardano
ADA
$0.4248
+0.99%
How to buy BTC
Bitget lists BTC – Buy or sell BTC quickly on Bitget!
Trade now
Become a trader now?A welcome pack worth 6200 USDT for new users!
Sign up now
About Bitget
About Bitget Contact us Community Careers Bitget Academy Bitget Blog Bitget Token (BGB) Announcement Center Proof of Reserves Protection Fund Partner links LALIGA partnership MotoGP partnership Blockchain4Youth Blockchain4Her Sitemap
Products
Spot Futures Onchain Stock Margin Earn Spot copy trading Futures copy trading Bot copy trading Bots APIs TraderPro Web3 wallet Fiat OTC Bitget Swap Telegram Apps Center Discord Apps Center Airdrop library
Buy crypto
Buy crypto Buy Bitcoin Buy ETH Buy DOGE Buy XRP Buy BGB Buy SHIB Crypto prices Bitcoin price Ethereum price Solana price chart Calculator Bitcoin ETF Crypto wiki XRP price Pi Network price ADA price Solana price Trump coin price Dogecoin price BRC-20 price
Support
Submit feedback Help Center Verify official channels Anti-scam hub Listing application VIP services Affiliate program Institutional services Asset custody Download data Promotions Referral program Fee schedule Tax filing API
Legal
Law enforcement request Regulatory request Compliance Regulatory license AML/CFT policies Privacy policy Terms of Service Risk disclosure
Scan to download
© 2025 Bitget