Serious security vulnerability on NPM: Fortunately, it has not caused significant damage

On September 8, 2025, the crypto community was thrown into a panic when Charles Guillemet, CTO of #Ledger, issued an urgent warning about a serious cybersecurity vulnerability that could affect all on-chain transactions. The vulnerability stemmed from the compromise of a reputable developer's NPM account, which allowed malicious actors to inject malware into packages that had been downloaded over 1 billion times. The malware could automatically change wallet addresses in transactions, posing a risk of asset theft.

Damage was limited due to luck

However, according to a recent update, the attack was "almost a failure" because of a technical error on the part of the attacker, which caused the plan to be detected quickly. According to analysis firm #arkham, the direct damage was only about 504 USD. The SEAL Org security team stated that this was a "stroke of luck": had the malware been more sophisticated, damages could have reached billions of USD.

A lesson for the entire industry

This incident serves as a serious reminder of the potential risks in the crypto ecosystem. Although major wallets like MetaMask and Phantom have reassured users, the incident shows that reliance on external programming libraries remains a weakness. Experts recommend that users exercise caution and thoroughly check transactions before approving them, and that developers regularly update software and remove risky packages to ensure safety. #Hacker
