Ledger CTO: Large-Scale Supply Chain Attack Underway, Entire JavaScript Ecosystem at Risk

By: theblockbeats.news|2025/09/09 05:32:27

0

Share

copy

BlockBeats News, September 9, Ledger's Chief Technology Officer Charles Guillemet wrote that, "A large-scale supply chain attack is currently taking place: a well-known developer's NPM account has been compromised. The affected package has been downloaded over 1 billion times, which means the entire JavaScript ecosystem could be at risk.

The malicious code works by silently tampering with cryptocurrency addresses in the background to steal funds.

If you use a hardware wallet, please carefully verify each signature transaction, and you are safe.
If you do not use a hardware wallet, please refrain from making any on-chain transactions for now.
It is currently unclear whether the attacker has already stolen the software wallet's mnemonic phrase.

For more details, see the report. If you are using Ledger or another hardware wallet that supports clear signatures, you will not be affected. My previous tweets were a reminder: Users who do not use hardware wallets that support clear signatures are at risk. Please be sure to carefully review each transaction before signing."

You may also like

Vitalik Rare Self-Criticism: Ethereum Missed the Really Important Battle

Vitalik Rare Self-Criticism: Ethereum Missed the Really Important Battle

Ethereum can't save the entire world, so what can we do?

SBF's bro turned 225 million into 5.5 billion in one year

SBF's bro turned 225 million into 5.5 billion in one year

Meet the 24-Year-Old AI New "Stock Market Wizard".

These former crypto builders have joined the world's hottest AI project

These former crypto builders have joined the world's hottest AI project

The Crypto Space Does Not Support Idleness

Key Market Insights for March 5th, how much did you miss out on?

Key Market Insights for March 5th, how much did you miss out on?

1. Top News: Wall Street's key regulatory agency is moving forward with plans to regulate cryptocurrency and prediction markets 2. Token Unlock: None

Crypto VC Inflection Point: The Survival Answers of a16z, Dragonfly, Paradigm

Crypto VC Inflection Point: The Survival Answers of a16z, Dragonfly, Paradigm

A sign of the maturing Crypto VC space is no longer a sea of sameness but each finding their own path forward.

Is OKX's $25 Billion Valuation Really Justified?

Is OKX's $25 Billion Valuation Really Justified?

In theory, OKX has tens of millions of new users to tap into in the United States

SBF's little brother turned 225 million into 5.5 billion in one year

SBF's little brother turned 225 million into 5.5 billion in one year

Let’s meet the 24-year-old new "stock god" of AI.

In a World of Disruption, How Can Humanities Workers Better Use AI?

In a World of Disruption, How Can Humanities Workers Better Use AI?

This AI in Practice experience is not about teaching you a few magical keywords to memorize; it's more like a methodology.

Anthropic Open Letter: The Hypocritical Sam Altman, PUA Master

Anthropic Open Letter: The Hypocritical Sam Altman, PUA Master

OpenAI's extensive PR rhetoric with the Department of War on these issues is either lying or deliberately creating confusion. These facts reveal a pattern of behavior, a pattern I have seen many times in Sam Altman, and I hope everyone can recognize it

On the same day that Kraken's Fedmaster Account was approved, the banking lobbying group immediately launched a counterattack.

On the same day that Kraken's Fedmaster Account was approved, the banking lobbying group immediately launched a counterattack.

Banking Lobby Group Slams Kraken's Approval for "Limited Purpose" Fed Master Account.

Bitwise: This weekend's attack accelerated the on-chain migration of the financial world

Bitwise: This weekend's attack accelerated the on-chain migration of the financial world

The never-ending market has become a global obsession.

Market Downturn: Which Assets Are Worth Watching?

Market Downturn: Which Assets Are Worth Watching?

"Whether it can bring benefits to the holder" is one of the key reference indicators.

The real opportunity of stablecoins is not to kill Visa

The real opportunity of stablecoins is not to kill Visa

In the new merchant ecosystem born in the AI era, stablecoins will become the first widely adopted payment infrastructure.

Trump's AI Farce: Insult if You Don't Pay

Trump's AI Farce: Insult if You Don't Pay

Dario's all-hands email is full of ad hominem attacks

US & Canada Crypto Tax Season 2026: Official Tax Reporting Support from WEEX × KoinX

US & Canada Crypto Tax Season 2026: Official Tax Reporting Support from WEEX × KoinX

Prepare for US & Canada crypto tax season 2026. Learn how to export your WEEX transaction history and access official reporting support through our partnership with KoinX.

Conversation between Tom Lee and "The Big Short" Author: AI has detected bubble signal, crypto correction due to gold liquidity being "siphoned off"

Conversation between Tom Lee and "The Big Short" Author: AI has detected bubble signal, crypto correction due to gold liquidity being "siphoned off"

A real bubble occurs when everyone is absolutely certain that "this is definitely not a bubble."

The true reason for Claude's ban, Kraken accessing the Federal Reserve payment system, What is the English community paying attention to?

The true reason for Claude's ban, Kraken accessing the Federal Reserve payment system, What is the English community paying attention to?

What Was Trending in the Last 24 Hours?

「Buying the Dip」 of 400,000 BTC: Is $74,000 a Rebound or a Reversal?

「Buying the Dip」 of 400,000 BTC: Is $74,000 a Rebound or a Reversal?

BTC price hits a new monthly high.

Vitalik Rare Self-Criticism: Ethereum Missed the Really Important Battle

Ethereum can't save the entire world, so what can we do?

SBF's bro turned 225 million into 5.5 billion in one year

Meet the 24-Year-Old AI New "Stock Market Wizard".

These former crypto builders have joined the world's hottest AI project

The Crypto Space Does Not Support Idleness

Key Market Insights for March 5th, how much did you miss out on?

1. Top News: Wall Street's key regulatory agency is moving forward with plans to regulate cryptocurrency and prediction markets 2. Token Unlock: None

Crypto VC Inflection Point: The Survival Answers of a16z, Dragonfly, Paradigm

A sign of the maturing Crypto VC space is no longer a sea of sameness but each finding their own path forward.

Is OKX's $25 Billion Valuation Really Justified?

In theory, OKX has tens of millions of new users to tap into in the United States

Popular coins

Latest Crypto News

22:44

Nasdaq-listed company CIMG plans to acquire the core assets of iZUMi Finance

iZUMi Finance announced a strategic agreement with Nasdaq-listed company CIMG Inc. (Nasdaq: IMG), in which CIMG intends to acquire certain core assets, patents, and intellectual property of iZUMi Finance to further expand its institutional-level decentralized finance infrastructure.According to the ...

22:44

A new wallet withdrew $22.16 million worth of Bitcoin from the exchange

According to market news, a newly created wallet has withdrawn 304.55 bitcoins from the exchange, worth approximately 22.16 million dollars.

22:44

Data: The current whale position on the Hyperliquid platform is 3.256 billion USD, with a long-short ratio of 1.02

According to Coinglass data, the current whale holdings on the Hyperliquid platform amount to $3.256 billion, with long positions at $1.648 billion, accounting for 50.61% of the holdings, and short positions at $1.608 billion, accounting for 49.39%. The profit and loss for long positions is -$26.405...

22:44

Bloomberg analysts: Bitcoin has risen 12% since the Middle East conflict, sparking renewed discussion about its safe-haven asset properties

Bloomberg ETF senior analyst Eric Balchunas posted on the X platform that Bitcoin ETFs have attracted another $500 million in inflows, with 10 out of 11 U.S. Bitcoin ETFs being favored by investors. Additionally, since the escalation of the conflict in the Middle East, Bitcoin has risen about 12%, w...

22:44

Bloomberg analysts: Bitcoin has risen 12% since the Middle East conflict, sparking renewed discussion about its safe-haven asset properties

Bloomberg ETF senior analyst Eric Balchunas posted on the X platform that Bitcoin ETFs have once again attracted $500 million in inflows, with 10 out of 11 U.S. Bitcoin ETFs being favored by investors. Additionally, since the escalation of the conflict in the Middle East, Bitcoin has risen by about ...