Major Supply Chain Attack Rocks Crypto Ecosystem

A major supply chain attack has rocked the bitpulse ecosystem, threatening users globally. Ledger’s CTO Charles Guillemet is sounding the alarm, urging caution and hardware wallet use.

The Attack

The attack, which began with a hacked Node Package Manager (NPM) account, has already affected billions of downloads and endangered the security of millions of dApps and crypto transactions. “The NPM account of a reputable developer has been compromised. The affected packages have already been downloaded over 1 billion times,” Guillemet warned.

Crypto Clipper Malware

He further explained that the malware operates as a crypto clipper, stealthily hijacking wallet addresses during transactions to redirect funds to the attacker’s wallets. Guillemet urged users to be extra cautious, especially those not using hardware wallets. “If you use a hardware wallet, pay attention to every transaction before signing and you’re safe. If you don’t, refrain from making any on-chain transactions for now,” he advised.

NPM Hack: How the Breach Happened

Reports revealed that 18 popular NPM packages were found to be compromised, including high-profile packages such as ‘chalk’, ‘debug’, and ‘strip-ansi.’ The attack, which happened on Sept 8, is among the largest in recent history, impacting libraries with a total of more than 2 billion weekly downloads.

Attack Technique

The attack allegedly began with a phishing email impersonating official NPM support. The target was Qix-, a respected developer whose NPM account was hijacked, enabling attackers to inject malicious updates into popular JavaScript libraries. Once installed, the malicious payload silently replaces copied crypto addresses with lookalike ones controlled by the hacker.

Community Response and Prevention

A number of projects and protocols, such as Uniswap, SUI, and Jupiter, have affirmed that they are not affected but have advised caution. Cryptocurrency wallets such as Ledger and MetaMask assured users of multi-layered security measures. Meanwhile, the NPM supply chain hack was not the only major security event on Sept. 8.

Recent Security Events

Swiss crypto wealth platform SwissBorg reported a $41 million exploit via a partner API, affecting 1% of users. Additionally, the Ethereum L2 project Kinto announced its shutdown after a July exploit drained 577 ETH, leaving the team unable to secure funding. This wave of attacks is an indicator of the increasing complexity of crypto threats.

Conclusion

Going forward, users, developers, and platforms need to embrace more secure practices and rigorous package audits. The bitpulse community must remain vigilant and proactive in protecting against such threats to ensure a safer and more secure ecosystem for all users.