Users of cryptocurrencies should be careful because a sneaky malware operation is taking over Ethereum (ETH), XRP, and Solana (SOL) transactions from wallets whose users don’t know what’s going on. This new type of attack uses flaws in the software supply chain to steal digital assets invisibly, without leaving any signs of hacking in the user’s wallet interface. Understand these things before you buy crypto.
Mainly Trojanized NPM Packages
The main part of this attack is the compromise of Node Package Manager (NPM) packages. Developers use NPM packages all the time to run open-source libraries. Cybersecurity experts said that one of the known dangerous packages, “pdf-to-office,” looks harmless but has hidden code meant to get into systems. When developers add these hacked packages to their projects without realizing it, they give attackers an easy way in.
Targeting Atomic, Exodus Wallets
Once it’s on your computer, the malware looks for popular cryptocurrency wallets that can store many different digital assets. Atomic and Exodus are two examples. The malware then puts its harmful code right into the wallet apps. From there, it waits, ready to catch any outgoing transactions and send the money to addresses managed by attackers without the user’s knowledge or permission.
How the malware works
The first step in this multi-stage malware operation is to extract the wallet application archive and change the files inside it. The code hides itself in the application files using advanced obfuscation techniques. It repackages the files to keep their regular look and changes the transaction handling mechanism.
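Because the repackaged files keep their regular look, comparing file contents against a baseline taken from a trusted install is one way to notice the change. The Python code below is an added example, not code from the article or from either wallet vendor; the directory layout and file names are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def snapshot(root):
    """Map each file under root (relative POSIX path) to its SHA-256 digest."""
    root = Path(root)
    digests = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and not path.is_symlink():
            h = hashlib.sha256()
            with path.open("rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    h.update(chunk)
            digests[path.relative_to(root).as_posix()] = h.hexdigest()
    return digests


def compare(baseline, current):
    """Report files whose content changed, appeared, or vanished since baseline."""
    return {
        "modified": sorted(p for p in baseline if p in current and baseline[p] != current[p]),
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
    }


def demo():
    """Constructed install tree: baseline it, alter it, then compare."""
    with tempfile.TemporaryDirectory() as tmp:
        app = Path(tmp) / "wallet-app"             # hypothetical install directory
        (app / "resources").mkdir(parents=True)
        bundle = app / "resources" / "bundle.bin"  # stands in for the app archive
        bundle.write_bytes(b"A" * 4096)
        (app / "LICENSE").write_text("constructed sample\n")
        baseline = snapshot(app)                   # assumed to come from a trusted install

        # Same name and size, different bytes: name/size checks alone would miss this.
        bundle.write_bytes(b"A" * 4095 + b"B")
        (app / "resources" / "extra.js").write_text("// unexpected file\n")
        return compare(baseline, snapshot(app))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

Keep the baseline somewhere the monitored machine cannot rewrite, and take a new one only after an update you have verified.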
Effects on Several Cryptocurrencies
There’s more to this than just Ethereum. The campaign also targets Tron-based USDT, XRP, and Solana. This is a worrying sign of how deeply malware is becoming a part of the software ecosystem. Users won’t know that their cryptocurrency has been stolen until it’s too late and they look at the blockchain record.
Conclusion
This campaign is a scary reminder of how cybercriminals constantly change how they get what they want in the crypto world. Developers need to check out third-party packages carefully, and users need to double-check all the details of every transaction on the blockchain.