¿Afectó el ataque a la cadena de suministro de NPM los datos o activos de los clientes de Binance?

ALERTA DE SEGURIDAD: El ecosistema cripto bajo escrutinio tras vulnerabilidad en NPM

El reciente incidente en la cadena de suministro de NPM encendió todas las alarmas en la industria. Desarrolladores en pánico, repositorios comprometidos y la inevitable pregunta: ¿las grandes exchanges quedaron expuestas?

BINANCE EN EL OJO DE LA TORMENTA

La plataforma, que maneja volúmenes billonarios, activó protocolos de emergencia al detectar actividad sospechosa. Su equipo de seguridad cibernética trabajó 24/7 para contener cualquier posible brecha. Los protocolos de autenticación multifactor y los sistemas de monitorización en tiempo real demostraron su valor una vez más.

PROTECCIÓN DE ACTIVOS: PRIORIDAD ABSOLUTA

Los cold wallets permanecieron intactos—como siempre—mientras los sistemas de detección de intrusiones barrieron la infraestructura. Los usuarios ni notaron la conmoción tras bambalinas, aunque algunos traders siempre encuentran motivo para quejarse de spreads que fluctuaron 0.05% durante el pico de tensión.

LECCIÓN APRENDIDA: NADA COMPROMETIDO

Resultado final: cero activos perdidos, cero datos clientes vulnerados. Otra prueba de que la infraestructura de las exchanges líderes aguanta lo que sea—mientras los fondos de inversión tradicionales siguen lidiando con sistemas legacy de los años 90.

Supply chain attack on JavaScript packages scares crypto investors

The attack, which security researchers have called one of the largest in NPM’s history, took place on September 8. Hackers compromised the account of a trusted open-source maintainer known by the handle “qix,” also identified as Josh Junon. 

The attackers tricked Junon through a phishing email impersonating official communications from npmjs, the central repository for JavaScript packages. As seen in the fraudulent email, the perpetrators convinced Junon that his account would be locked on September 10, 2025, unless he immediately updated his two-factor authentication credentials. 

“As part of our ongoing commitment to account security, we are requesting that all users update their Two-Factor Authentication (2FA) credentials. Our records indicate it has been over 12 months since your last 2FA update,” the email read.

Junon confirmed on X that he had fallen victim to the phishing scheme after another maintainer revealed his NPM account was “posting packages with backdoors,” which enabled attackers to hijack his account and push malicious updates to 18 popular Node.js libraries. 

The packages included chalk, debug, ansi-styles, and strip-ansi, all of which are embedded in the web.

Malicious code targets crypto transactions

According to analysis by Aikido Security, the attackers injected code into the compromised packages that allowed them to act as browser-based interceptors. The code was slipped into the index.js files, where it could hijack network traffic and application APIs in any application using the tainted packages.

The malicious script monitors for wallet addresses and transactions of major digital assets, including Bitcoin, Ethereum, Solana, Tron, Litecoin, and Bitcoin Cash. Once detected, the malware silently replaced the destination wallet address with one controlled by the attackers, redirecting funds without the victim’s knowledge.

As covered by Cryptopolitan yesterday, the chief technology officer at hardware wallet maker Ledger, Charles Guillemet said the malicious code had already been propagated into packages with more than one billion downloads.

Blockchain analytics firm Arkham Intelligence reported late Monday that only $159 worth of cryptocurrency had been stolen so far. The stolen funds were traced to addresses identified in the original disclosures shared by Ledger’s security team. 

However, researchers believe the low figure does not mean there will be limited potential damage, given the billions of downloads associated with the compromised packages.

KEY Difference Wire helps crypto brands break through and dominate headlines fast