Ataque à NPM drena apenas US$ 500 em meme coins
Exploradores de vulnerabilidades atacam pacote NPM em busca de ganhos fáceis—mas saem com migalhas.
O que aconteceu?
Um ataque direcionado a dependências de código aberto resultou no roubo de apenas US$ 500 em tokens meme. Os invasores comprometeram um pacote popular da NPM, inserindo código malicioso que tentava drenar carteiras de usuários desprevenidos.
Resultado patético
O esquema complexo rendeu menos que um salário mínimo mensal—uma vitória embaraçosa para os criminosos. A comunidade detectou e neutralizou a ameaça rapidamente, limitando drasticamente os danos.
Lição aprendida?
Mesmo ataques sofisticados falham miseravelmente quando confrontados com a vigilância coletiva do ecossistema cripto. E claro, até os hackers estão apostando em shitcoins—que ironia financeira.
Supply chain npm attack resembles the Bybit hack
The supply chain attack was somewhat similar to the Bybit hack, in changing the destination wallet at the last moment. The compromised front-end code could potentially divert assets from sites that used some of the tainted JavaScript packages.
People don’t seem to understand the npm exploit. It’s like when Bybit lost a billion dollars to hackers through comrposing the Safe multisig user interface. Front end code on websites that used the malicious packages are compromised. So make sure to verify transactions carefully.
— Beanie (@beaniemaxi) September 8, 2025
In the case of the Bybit hack, the front end exploit was deliberate and limited, but the npm supply chain code injection has affected up to 2B weekly downloads. Early reports show the effects of the tainted npm packages were limited.
Most of the major Web3 venues reported their code was safe and trading could continue. Most of the tokens stolen were on Ethereum, and included BRETT, DORKY, VISTA, and GONDOLA, with no ETH taken.
The attack affected the wallets of some small-scale DEX traders and Uniswap liquidity providers, but not on a mass scale, showing the apps themselves were not compromised. The risk lay with the end client signing the transaction without sufficient manual verification.
Is crypto still at risk from the npm attack?
Crypto wallets are generally at risk from supply chain attacks. However, the potential to steal tokens depends on the apps themselves, and on a relatively small time window to perform the exploit.
The examples of malicious crypto-stealing code have been widely published, potentially protecting app developers.
The attacks happened following new downloads, meaning the vulnerabilities were injected in a limited number of crypto apps. Hours after the attack, it was also clear MetaMask users were the most affected, with no targeting of the desktop wallet ecosystem.
Get up to $30,050 in trading rewards when you join Bybit today
