Summary
- Security Alliance (SEAL) said a famous developer's NPM account takeover nearly resulted in the largest-ever hack.
- It said the threat of malware insertion could have exposed JavaScript libraries with over 1 billion cumulative downloads and many crypto projects to risk.
- The actual loss was $50, but it said Ethereum (ETH) and Solana (SOL) wallets were the main targets.
A record-size NPM (Node Package Manager) hack targeting JavaScript software libraries was revealed. However, the amount lost was only $50.
On the 9th (Korean time), cryptocurrency-focused outlet Cointelegraph reported that security firm Security Alliance (SEAL) said a famous developer's NPM account was hijacked and malicious code was inserted into popular JavaScript libraries.
Those libraries had accumulated over 1 billion downloads, potentially exposing many crypto projects to risk. The attacker targeted Ethereum (ETH) and Solana (SOL) wallets and attempted to steal funds by planting crypto clippers (crypto-clipper, malware that manipulates withdrawal addresses to steal crypto assets).
However, the actual amount stolen was not large. According to SEAL, only about $50 worth of crypto was taken in the incident.
Uk Jin
wook9629@bloomingbit.ioH3LLO, World! I am Uk Jin.
![[Analysis] “Bitcoin at risk of a fifth straight monthly decline…worst bear market since 2018”](https://media.bloomingbit.io/PROD/news/4842663d-6c96-44c4-a3d3-63aa6686644a.webp?w=250)
