Summary
- Security Alliance (SEAL) said a famous developer's NPM account takeover nearly resulted in the largest-ever hack.
- It said the threat of malware insertion could have exposed JavaScript libraries with over 1 billion cumulative downloads and many crypto projects to risk.
- The actual loss was $50, but it said Ethereum (ETH) and Solana (SOL) wallets were the main targets.
A record-size NPM (Node Package Manager) hack targeting JavaScript software libraries was revealed. However, the amount lost was only $50.
On the 9th (Korean time), cryptocurrency-focused outlet Cointelegraph reported that security firm Security Alliance (SEAL) said a famous developer's NPM account was hijacked and malicious code was inserted into popular JavaScript libraries.
Those libraries had accumulated over 1 billion downloads, potentially exposing many crypto projects to risk. The attacker targeted Ethereum (ETH) and Solana (SOL) wallets and attempted to steal funds by planting crypto clippers (crypto-clipper, malware that manipulates withdrawal addresses to steal crypto assets).
However, the actual amount stolen was not large. According to SEAL, only about $50 worth of crypto was taken in the incident.
Uk Jin
wook9629@bloomingbit.ioH3LLO, World! I am Uk Jin.
![[Analysis] "XRP risks repeating the 2022 rout…most short-term investors in the red"](https://media.bloomingbit.io/PROD/news/845f37bb-29b4-4bc5-9e10-8cafe305a92f.webp?w=250)
![[Exclusive] “Airdrops also taxable”... Authorities to adopt a ‘comprehensive approach’ to virtual assets](https://media.bloomingbit.io/PROD/news/4bde9dab-09bd-4214-a61e-f6dbf5aacdfb.webp?w=250)