#NPM Attack Fails To Steal Major #Crypto Funds Despite Supply Chain Breach
A supply chain attack targeting Node Package Manager infrastructure attempted to intercept cryptocurrency transactions but only netted approximately $503 in digital assets. Security experts warn that the incident demonstrates ongoing vulnerabilities in software development ecosystems.
The attack began when hackers obtained developer credentials through phishing emails sent from a spoofed NPM support domain. The attackers then pushed malicious code updates to popular JavaScript libraries, including the chalk, debug, and strip-ansi packages, which are downloaded billions of times weekly.
The injected code functioned as crypto clippers, designed to intercept wallet addresses and redirect transactions across multiple blockchains including $BTC, $ETH, $SOL, and $LTC. However, implementation errors caused continuous integration pipelines to crash, triggering rapid detection.
Charles Guillemet, Ledger's chief technology officer, confirmed the attack's limited impact while emphasizing ongoing #security risks for software wallets and exchanges. "If your funds sit in a software wallet or on an exchange, you're one code execution away from losing everything," he stated.
Anatoly Makosov, The Open Network's CTO, explained that only specific versions of 18 packages were compromised before rollbacks were published. Developers who pushed builds during the attack window and applications using auto-updating dependencies faced the highest exposure risk.
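The exposure described above reduces to two checks a team can run on its own project: did the lockfile resolve an affected release, and does the manifest use floating ranges that pick up new releases automatically. The following is an added example, not code from the article or from npm; the package names are the three the article mentions, and the version strings are placeholders to be replaced with the versions listed in the published advisory.

```javascript
// Added example: package names come from the article; the versions are
// PLACEHOLDERS and must be replaced with those in the published advisory.
const DENYLIST = {
  chalk: ["0.0.0-PLACEHOLDER"],
  debug: ["0.0.0-PLACEHOLDER"],
  "strip-ansi": ["0.0.0-PLACEHOLDER"],
};

// Walk a parsed package-lock.json (v2/v3 "packages" map, or the v1
// nested "dependencies" tree) and return every denylisted install.
function auditLockfile(lock, denylist = DENYLIST) {
  const hits = [];
  const check = (name, version, where) => {
    if (Object.hasOwn(denylist, name) && denylist[name].includes(version)) hits.push({ name, version, where });
  };
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === "") continue; // root project entry, not a dependency
      const name = meta.name || path.split("node_modules/").pop();
      check(name, meta.version, path);
    }
  } else {
    const walk = (deps, trail) => {
      for (const [name, meta] of Object.entries(deps || {})) {
        check(name, meta.version, trail + name);
        walk(meta.dependencies, trail + name + " > ");
      }
    };
    walk(lock.dependencies, "");
  }
  return hits;
}

// Return dependencies in a parsed package.json whose range is not an exact
// x.y.z, so a fresh resolve can pick up a newly published release.
function floatingRanges(pkg) {
  const exact = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$/;
  const all = { ...pkg.dependencies, ...pkg.devDependencies };
  return Object.keys(all).filter((n) => !exact.test(all[n])).sort();
}

// Constructed sample input (not from a real project).
const sampleLock = { lockfileVersion: 3, packages: {
  "": { name: "demo-app" },
  "node_modules/chalk": { version: "1.0.0" },
  "node_modules/logger/node_modules/debug": { version: "0.0.0-PLACEHOLDER" },
} };
const samplePkg = { dependencies: { chalk: "^1.0.0", logger: "2.3.4" } };
console.log(auditLockfile(sampleLock), floatingRanges(samplePkg));
```

The lockfile check also catches transitive installs, which is where widely used utility packages like these usually sit.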
Major platforms, including #Uniswap, #Aave, MetaMask, and Trezor, reported no impact from the incident. Security collective SEAL Org described the outcome as fortunate, noting that a more sophisticated payload could have yielded significant financial damage given the widespread package distribution.
