Assets
Crypto Deposit
Fiat Deposit
Convert
Transfer
Withdraw
My vouchers
Fund history
Dashboard
Account Security
Identity verification
API Management
Transaction Report
Log out
Register
BTCC / BTCC Square / Global Cryptocurrency /
Malicious SAP npm Packages Target Crypto Wallet Data in Coordinated Attack

Malicious SAP npm Packages Target Crypto Wallet Data in Coordinated Attack

Global Cryptocurrency
Author:
Global Cryptocurrency
Release Time:
2026-05-06 09:06:01
0
BTCCSquare news:

Security researchers uncovered a sophisticated malware campaign infiltrating SAP's developer ecosystem through compromised npm packages. The malicious versions—[email protected], @cap-js/[email protected], @cap-js/[email protected], and @cap-js/[email protected]—collectively receive over 572,000 weekly downloads, posing systemic risk to credential storage and cryptocurrency wallets.

The attack vector leverages obfuscated JavaScript payloads delivered via modified package files, including a byte-identical loader script across all compromised packages. Notably, the malware avoids Russian-language systems and adapts its behavior based on environment detection—targeting both CI/CD platforms and developer workstations. Credential theft spans SSH keys, cloud service tokens, and cryptocurrency wallet data.

Articles on this site are sourced from public networks or curated by AI for informational purposes only and do not represent BTCC’s views. Original rights belong to the respective authors. For copyright concerns, please contact [email protected]. BTCC assumes no liability for the accuracy, timeliness, or completeness of this information, and disclaims all liability arising from reliance on such content. This content is for reference only and should not be taken as investment, legal, or commercial advice.

Related Articles

|Square

Get the BTCC app to start your crypto journey

Download on the App Store GET IT ON Google Play

Get started today Scan to join our 100M+ users

Exchange for a better future

Products
Services
Guides
About Us
Terms & Agreement
Customer Service

Risk warning: Digital asset trading is an emerging industry with bright prospects, but it also comes with huge risks as it is a new market. The risk is especially high in leveraged trading since leverage magnifies profits and amplifies risks at the same time. Please make sure you have a thorough understanding of the industry, the leveraged trading models, and the rules of trading before opening a position. Additionally, we strongly recommend that you identify your risk tolerance and only accept the risks you are willing to take. All trading involves risks, so you must be cautious when entering the market.

The world’s longest-running cryptocurrency exchange since 2011 © 2011 - 2026 BTCC.com. All rights reserved