Ledger CTO Warns Of Crypto Clipper Malware Following Major NPM Breach


A significant supply chain attack has raised alarms within the cryptocurrency community, especially after the Node Package Manager (NPM) account of developer Qix was compromised.

Charles Guillemet, the Chief Technology Officer of hardware wallet provider Ledger, issued a stark warning to crypto investors in a recent post on social media platform X (formerly Twitter).

He highlighted the potential risks associated with this breach, noting that the affected packages have been downloaded over a billion times, putting the entire JavaScript ecosystem in jeopardy.

Crypto Clipper Malware Discovered

According to an investigative report on the matter, the malicious code introduced in this attack functions as a “crypto-clipper,” a type of malware designed to intercept and alter cryptocurrency transactions. 

The malicious code is said to operate by silently swapping wallet addresses in network requests, effectively redirecting funds from legitimate wallets to those controlled by the attacker. 

Guillemet advised hardware wallet users to pay careful attention to every transaction before signing. In contrast, he urged individuals who do not use hardware wallets to refrain from any on-chain transactions until the situation is fully resolved.

In light of the breach, a crypto expert has confirmed that they are collaborating with the NPM security team to address the issue. While the malicious code has been removed from most of the compromised packages, the situation remains fluid. 

Urgent Security Measures

The supply chain attack specifically involved the developer known as Qix, leading to the publication of malicious versions of numerous high-impact packages. With the combined weekly downloads of these affected packages surpassing one billion, the potential impact on the JavaScript ecosystem is substantial.

To mitigate risks, Guillemet emphasized the importance of auditing project dependencies immediately. Developers are encouraged to pin all affected packages to their last known safe versions using the overrides feature in their package.json files.
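One way to carry out the audit-and-pin step described above, as an added example rather than code from Ledger, NPM or the article: it scans a parsed `package-lock.json` (lockfileVersion 2 or 3 layout assumed) for advisory-listed versions, nested copies included, and builds the matching `overrides` block. The package names, versions and helper names are constructed placeholders, not the packages from this incident.

```javascript
// ADVISORY is constructed: placeholder names and versions, not the real
// incident list. Populate it from the published advisory before use.
const ADVISORY = {
  "example-color-lib": { bad: ["1.2.4"], safe: "1.2.3" },
  "@example/debug-lib": { bad: ["4.0.1"], safe: "4.0.0" },
};

// Lockfile keys look like "node_modules/a/node_modules/@scope/b"; the package
// name is whatever follows the last "node_modules/" segment.
function packageName(lockPath) {
  const marker = "node_modules/";
  const i = lockPath.lastIndexOf(marker);
  return i === -1 ? null : lockPath.slice(i + marker.length);
}

// Returns every installed copy whose version is on the advisory list, plus
// an overrides object pinning each hit to its last known safe version.
function auditLockfile(lock, advisory) {
  const findings = [];
  const overrides = {};
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    const name = packageName(path);
    if (!name || !Object.prototype.hasOwnProperty.call(advisory, name)) continue;
    const rule = advisory[name];
    if (rule.bad.includes(entry.version)) {
      findings.push({ name, version: entry.version, path });
      overrides[name] = rule.safe; // exact version, no ^ or ~ range
    }
  }
  return { findings, overrides };
}

// Constructed sample lockfile: the top-level copy is safe, the nested one is not.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "my-app", version: "1.0.0" },
    "node_modules/example-color-lib": { version: "1.2.3" },
    "node_modules/some-cli/node_modules/example-color-lib": { version: "1.2.4" },
    "node_modules/@example/debug-lib": { version: "4.0.1" },
  },
};

const report = auditLockfile(SAMPLE_LOCK, ADVISORY);
console.log(JSON.stringify({ overrides: report.overrides }, null, 2));
for (const f of report.findings) console.log(`FLAGGED ${f.name}@${f.version} at ${f.path}`);
```

The printed `overrides` object goes at the top level of package.json (npm 8.3 or later); reinstall afterwards so the lockfile is regenerated with the pinned versions.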


