Hackers are on the offensive, attempting to exploit every nook and cranny of blockchain technology. Compared to other systems, blockchain has protective layers and smart contracts that are resistant to hackers’ tricks. However, that is not always enough; hackers continually seek new methods to exploit crypto wallet addresses and steal money.
Hackers target NPM packages
NPM (Node Package Manager), a huge public library of open-source JavaScript source code, has been frequently targeted by hackers. In the latest incident, an NPM account was reportedly compromised to inject malicious code into widely used packages. The injected code is designed to tamper with wallet addresses during transactions.
Hackers have exploited popular JavaScript libraries, including strip-ansi and chalk, which were downloaded billions of times.
1 billion downloads of malicious code!
That’s quite a painful moment! According to a crypto YouTuber, hackers recently compromised an NPM account and used it to inject malicious code into “widely used packages”. Since these source code packages are widely used by developers and companies, the malicious code can quickly spread across the ecosystem.
The developers unknowingly downloaded a package containing malicious code, and it has been downloaded over one billion times!
How is crypto affected by the malicious code on NPM?
- A developer building a crypto wallet app or DeFi site unknowingly downloads the compromised package and installs it.
- The malicious package automatically executes malicious code when the crypto app runs.
- The infected code can spread across the developer’s machine and finally move into the final app.
- Now, when a user signs into the crypto app, the app could ship the infected source code (JavaScript) to their browser.
- When the user copies a crypto wallet address, it may not be the intended one—instead, the attacker’s address is silently used.
NPM packages target Ethereum smart contracts
Blockchain research platform, ReversingLabs, recently noticed that smart contracts on Ethereum are being exploited to run malware on compromised devices. Two NPM packages abused the crypto contracts to disguise malicious commands that “installed downloader malware on compromised systems”.
Although NPM package attacks are multiplying, developers can adopt several practices to protect their platforms against these malicious campaigns. They can conduct regular malware and vulnerability scans, verify signatures during package installation, and review packages with install scripts.
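One way to start the install-script review on a project, as an added example that is not from the original article or from npm itself: the function below walks a parsed package-lock.json (lockfileVersion 2 or 3) and flags dependencies that declare install scripts, lack a strong integrity hash, or resolve outside the npm registry. The sample lockfile, its placeholder versions and hashes, the `example-*` package names and the function name `auditLockfile` are all constructed for illustration.

```javascript
const TRUSTED_REGISTRY = "https://registry.npmjs.org/";
const NM = "node_modules/";

// Constructed sample; versions, hashes and "example-*" packages are placeholders.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "example-wallet-app", version: "1.0.0" },
    "node_modules/strip-ansi": {
      version: "0.0.0-placeholder",
      resolved: TRUSTED_REGISTRY + "strip-ansi/-/strip-ansi-0.0.0-placeholder.tgz",
      integrity: "sha512-CONSTRUCTED-PLACEHOLDER",
    },
    "node_modules/example-native-helper": {
      version: "2.1.0",
      resolved: TRUSTED_REGISTRY + "example-native-helper/-/example-native-helper-2.1.0.tgz",
      integrity: "sha512-CONSTRUCTED-PLACEHOLDER",
      hasInstallScript: true, // npm records this when the package declares install hooks
    },
    "node_modules/example-git-dep": {
      version: "0.3.0",
      resolved: "git+ssh://git@example.invalid/example-git-dep.git#placeholder",
    },
    "node_modules/example-old-hash": {
      version: "1.0.0",
      resolved: TRUSTED_REGISTRY + "example-old-hash/-/example-old-hash-1.0.0.tgz",
      integrity: "sha1-CONSTRUCTED-PLACEHOLDER",
    },
  },
};

// Returns one finding per issue so each can be reviewed or gated on in CI.
function auditLockfile(lock, registry = TRUSTED_REGISTRY) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === "" || entry.link) continue; // skip root project and workspace links
    const cut = path.lastIndexOf(NM);
    const name = cut < 0 ? path : path.slice(cut + NM.length);
    const flag = (issue) => findings.push({ name, version: entry.version, issue });
    if (entry.hasInstallScript) flag("install-script"); // runs code at install time
    if (!entry.integrity) flag("no-integrity"); // tarball cannot be hash-checked
    else if (!/^sha(256|384|512)-/.test(entry.integrity)) flag("weak-integrity");
    if (!String(entry.resolved || "").startsWith(registry)) flag("off-registry");
  }
  return findings;
}
auditLockfile(SAMPLE_LOCK).forEach((f) => console.log(`${f.issue.padEnd(15)} ${f.name}@${f.version}`));
```

To audit a real project, pass the function the result of `JSON.parse` on its `package-lock.json`. The registry-signature check itself is done by `npm audit signatures`, which this lockfile scan does not replace.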