
Hacker Infects Popular NPM Packages with Crypto-Looting Malware after Phishing Attack

News Desk
Last updated: September 9, 2025 2:42 pm
Published: September 9, 2025
Credits: uk.pcmag.com

A significant cybersecurity breach has raised alarms within the programming community after a hacker compromised over a dozen widely used software packages and used them to deploy crypto-looting malware. The malicious code was found in 18 separate npm packages (modules that serve as essential tools for JavaScript projects), which together account for approximately 2 billion weekly downloads.

The incident was first reported by Aikido Security, prompting a closer examination of the attack’s origins. The programmer who maintains these npm packages, Josh Junon, confirmed on social media that he had been compromised. He disclosed that he fell victim to a phishing scheme in which deceptive emails masquerading as communications from npmjs.com, the official domain owned by GitHub, led him to a fraudulent link. The phishing email, which used official branding to appear authentic, was sent from the fake domain npmjs[.]help.

Adding to the sophistication of the attack, the phishing message posed as a security alert asking the recipient to update their two-factor authentication. The ploy ultimately gave the hacker unauthorized access to Junon’s account, allowing them to manipulate the npm packages.
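
A check for the lookalike-domain pattern described above (the trusted brand label `npmjs` reused under a different registrable domain), as an added example that is not part of the original article. The sample message, its local part and its link path are constructed, and the two-label registrable-domain shortcut is an assumption.

```javascript
// Added example: flag hosts that reuse a trusted brand label on another domain.
const TRUSTED = ["npmjs.com"]; // legitimate domain named in the article

// Indicators are often written defanged ("npmjs[.]help"); restore the dots.
const refang = (s) => s.replace(/\[\.\]/g, ".");

// Naive registrable domain (last two labels). Assumption: good enough for
// .com/.help; real tooling should consult the Public Suffix List.
function registrable(host) {
  return host.split(".").slice(-2).join(".");
}

function classifyHost(rawHost) {
  const host = refang(rawHost).toLowerCase().replace(/\.$/, "");
  if (TRUSTED.includes(registrable(host))) return "trusted";
  const labels = host.split(".");
  for (const t of TRUSTED) {
    const brand = t.split(".")[0]; // "npmjs"
    if (labels.some((l) => l.includes(brand))) return "lookalike";
  }
  return "unknown";
}

// Check the From header and every http(s) link in the body.
function analyzeEmail({ from, body }) {
  const findings = [];
  const sender = /@([^>\s]+)/.exec(from);
  if (sender) findings.push({ where: "from", host: sender[1], verdict: classifyHost(sender[1]) });
  for (const raw of body.match(/https?:\/\/[^\s"'<>]+/g) || []) {
    let host;
    try { host = new URL(refang(raw)).hostname; } catch { continue; }
    findings.push({ where: "link", host, verdict: classifyHost(host) });
  }
  return findings;
}

// Constructed sample message; only the sender domain comes from the article.
const SAMPLE = {
  from: "npm <support@npmjs[.]help>",
  body: "Security alert: update your two-factor authentication at " +
        "https://www.npmjs[.]help/placeholder-path or see https://www.npmjs.com/ for help.",
};

console.log(analyzeEmail(SAMPLE));
```

A "lookalike" verdict on the sender or on any link is the signal to quarantine the message for review; "unknown" hosts still need the usual checks.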

In the aftermath, Aikido Security characterized the incident as potentially “the largest supply chain compromise in npm history.” However, quick reactions from the programming community helped limit further damage, with some affected npm packages already pulled from circulation. Security firm Semgrep indicated that because the malicious versions were accessible for only a brief period and recorded minimal downloads, the overall impact might be limited.

Further analysis by BleepingComputer revealed criteria that would identify whether a software project was vulnerable to the malware, suggesting that the breach’s actual reach might be less widespread than initially feared. Security researcher Florian Roth commented that while the compromise was significant, the execution of the attack revealed a lack of expertise on the hacker’s part, stating, “all they had was access – not skill.”

Despite these reassurances, there are indications that the attacker may have targeted additional npm package maintainers. The malware was designed specifically to siphon cryptocurrency by hijacking users’ browser transactions, essentially redirecting cryptocurrency sent by users to the hacker’s accounts. Security provider Socket underscored this aspect, explaining how the malware manipulates crypto transactions.

As the incident continues to unfold, the programming community and cybersecurity experts are on high alert, emphasizing the importance of vigilance against phishing attempts and the need for robust security practices to prevent such breaches in the future.
