Largest NPM attack in crypto history stole less than $50: SEAL

Hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries, targeting crypto wallets.

Hackers have only managed to steal $50 worth of crypto from a massive supply chain hack affecting JavaScript software libraries, industry security researchers say.

Crypto intelligence platform Security Alliance shared the findings on Monday after hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries that have already been downloaded over 1 billion times, potentially putting countless crypto projects at risk. Ethereum and Solana wallets were specifically targeted, Security Alliance said.

Fortunately, less than $50 has been stolen from the crypto space so far, the security firm said, identifying Ethereum wallet address “0xFc4a48” as what it believes to be the only malicious address so far. It added on X:

“The hacker didn’t fully capitalize on the amount of access they had. It’s like finding the keycard to Fort Knox and using it as a bookmark. The malware was widespread but at this point is nearly completely neutralized,” pseudonymous SEAL security researcher Samczsun told Cointelegraph in a separate comment.

The $50 figure was, however, bumped up from five cents a few hours earlier, suggesting the potential damage may still be unfolding.

The five cents stolen were in Ether (ETH) while another $20 worth of a memecoin was compromised, Security Alliance said.

Etherscan data shows the malicious address has received Brett (BRETT), Andy (ANDY), Dork Lord (DORK), Ethervista (VISTA), and Gondola (GONDOLA) memecoins so far.

Read more