Supply chain hack affects billions of npm downloads
Briefly

"On September 8, several popular npm packages were compromised after a successful phishing attack on a maintainer account. Among the affected libraries are Chalk and Debug, which together account for billions of weekly downloads. The incident is considered one of the most serious supply chain attacks in the history of npm. In total, packages representing more than 2 billion weekly downloads were affected. Researchers say this is likely the largest supply chain attack ever within the open-source ecosystem."
"The attack began when the developer with the username qix fell victim to a phishing email sent from a domain that closely resembled the official npm domain. This gave the attacker access to the account; the attacker then published new versions of a total of eighteen packages. These versions contained malicious code targeting crypto wallets in browser environments. As soon as the code detects that an application is running with window.ethereum,"
On September 8, several popular npm packages were compromised after a phishing attack on a maintainer account. Chalk and Debug were among the affected libraries, and the affected packages together account for more than 2 billion weekly downloads. The attacker published malicious updates to eighteen packages. The injected code targets browser crypto wallets: it detects window.ethereum and intercepts wallet interactions to redirect transactions or approvals to attacker-controlled addresses. The malicious versions were partially removed within an hour, but many installations may already have pulled them in. Detection rules and tooling were released, and developers are advised to downgrade to known-good versions, remove lockfiles, reinstall, scan their dependency trees, and enable MFA on maintainer accounts.
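The "scan" step above is the part a practitioner has to do locally. The following is an added example, not code from the article or from any of the affected projects, that audits a `package-lock.json` for installed versions of watchlisted packages. It uses the package names the report gives (chalk and debug); the compromised version strings are not on this page, so they appear as clearly marked placeholders that must be replaced with the versions named in the published advisory or tooling. The sample lockfile is constructed inline. The scanner handles both the lockfileVersion 2/3 layout (a flat `packages` map keyed by install path) and the older lockfileVersion 1 layout (a nested `dependencies` tree), so nested copies such as `node_modules/express/node_modules/debug` are not missed.

```python
import json
import sys

# Package names come from the report. The version strings below are
# PLACEHOLDERS (assumption): the page does not list the compromised
# versions, so replace these with the ones from the published advisory.
COMPROMISED = {
    "chalk": {"0.0.0-PLACEHOLDER-MALICIOUS"},
    "debug": {"0.0.0-PLACEHOLDER-MALICIOUS"},
}


def iter_lock_entries(lock):
    """Yield (name, version) for every package recorded in a package-lock.json.

    lockfileVersion 2/3: "packages" maps install paths ("node_modules/chalk",
    "node_modules/a/node_modules/debug") to metadata; the "" key is the root.
    lockfileVersion 1: "dependencies" is a tree, each node may nest its own
    "dependencies" map for de-duplicated sub-trees.
    """
    packages = lock.get("packages")
    if isinstance(packages, dict):
        for path, meta in packages.items():
            if not path:  # root project entry, not a dependency
                continue
            # Aliased installs carry an explicit "name"; otherwise the name
            # is whatever follows the last "node_modules/" segment.
            name = meta.get("name") or path.rsplit("node_modules/", 1)[-1]
            yield name, meta.get("version")
        return
    stack = [lock.get("dependencies", {})]
    while stack:
        deps = stack.pop()
        for name, meta in deps.items():
            yield name, meta.get("version")
            nested = meta.get("dependencies")
            if isinstance(nested, dict):
                stack.append(nested)


def find_compromised(lock, compromised=COMPROMISED):
    """Return a sorted list of (name, version) pairs that match the watchlist."""
    hits = set()
    for name, version in iter_lock_entries(lock):
        if name in compromised and version in compromised[name]:
            hits.add((name, version))
    return sorted(hits)


def scan_lockfile(path, compromised=COMPROMISED):
    """Load a lockfile from disk and return its watchlist hits."""
    with open(path, encoding="utf-8") as fh:
        return find_compromised(json.load(fh), compromised)


# Constructed sample lockfile (lockfileVersion 3) for demonstration only.
# One top-level chalk and one nested debug carry the placeholder version;
# the top-level debug is a made-up clean version.
SAMPLE_LOCK = {
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "1.0.0"},
        "node_modules/chalk": {"version": "0.0.0-PLACEHOLDER-MALICIOUS"},
        "node_modules/debug": {"version": "0.0.0-CONSTRUCTED-CLEAN"},
        "node_modules/express": {"version": "0.0.0-CONSTRUCTED-CLEAN"},
        "node_modules/express/node_modules/debug": {
            "version": "0.0.0-PLACEHOLDER-MALICIOUS"
        },
    },
}


if __name__ == "__main__":
    # Usage: python scan_lock.py [path/to/package-lock.json]
    # With no argument, the constructed sample above is scanned.
    if len(sys.argv) > 1:
        hits = scan_lockfile(sys.argv[1])
    else:
        hits = find_compromised(SAMPLE_LOCK)
    for name, version in hits:
        print(f"FLAGGED {name}@{version}")
    sys.exit(1 if hits else 0)
```

Run it against the lockfile before deleting it: the lockfile is the only durable record of which exact versions were resolved, and a non-zero exit makes the check usable as a CI gate. A yarn or pnpm lockfile uses a different format and would need its own parser.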
Read at Techzine Global