Ledger CTO Warns of NPM Supply-Chain Attack Impacting Crypto Transactions

BTCC / BTCC Square / Global Cryptocurrency /

Author:

Release Time:

2025-09-08 20:58:03

BTCCSquare news:

Charles Guillemet, CTO of hardware wallet manufacturer Ledger, has alerted the crypto community to a large-scale supply chain attack via Node Package Manager (NPM). The compromised account of a prominent developer has led to malicious code being inserted into widely used JavaScript packages, collectively amassing over 1 billion downloads.

The attack stealthily alters cryptocurrency wallet addresses during transactions, redirecting funds to hackers. This exploit underscores the fragility of open-source dependencies in blockchain infrastructure. "When an attacker compromises a developer's account, they can poison widely used packages," Guillemet told CoinDesk. The threat spans all blockchains where affected JavaScript packages might be integrated into dApps or software wallets.

By:

Log in to Reply

Yuen May Chan on Operational Excellence and CGS International’s Growth

Articles on this site are sourced from public networks or curated by AI for informational purposes only and do not represent BTCC’s views. Original rights belong to the respective authors. For copyright concerns, please contact [email protected]. BTCC assumes no liability for the accuracy, timeliness, or completeness of this information, and disclaims all liability arising from reliance on such content. This content is for reference only and should not be taken as investment, legal, or commercial advice.