Ledger CTO: Large-Scale Supply Chain Attack Underway, Entire JavaScript Ecosystem at Risk

By: theblockbeats.news|2025/09/09 05:32:27

BlockBeats News, September 9, Ledger's Chief Technology Officer Charles Guillemet wrote that, "A large-scale supply chain attack is currently taking place: a well-known developer's NPM account has been compromised. The affected package has been downloaded over 1 billion times, which means the entire JavaScript ecosystem could be at risk.

The malicious code works by silently tampering with cryptocurrency addresses in the background to steal funds.

If you use a hardware wallet, please carefully verify each signature transaction, and you are safe.
If you do not use a hardware wallet, please refrain from making any on-chain transactions for now.
It is currently unclear whether the attacker has already stolen the software wallet's mnemonic phrase.

For more details, see the report. If you are using Ledger or another hardware wallet that supports clear signatures, you will not be affected. My previous tweets were a reminder: Users who do not use hardware wallets that support clear signatures are at risk. Please be sure to carefully review each transaction before signing."

1. On-chain Volume: $34.0M USD inflow to Hyperliquid today; $29.3M USD outflow from Arbitrum 2. Biggest Gainers and Losers: $FAI, $ARC 3. Top News: Today, the crypto market rebounded against the trend, with a macro hedge whale holding long positions in gold and silver and shorting crypto, resulting in a $500k USD loss for the day

Interpreting the Anthropic vs. War Department Conflict: What Does Trump Intend to Do?

In the coming decades, our freedom may be more fragile than we think

Nasdaq Moves In, Predicts Market Has Reached Mainstream Inflection Point

Predictive trading is no longer just an experiment in the crypto space or a niche market but is starting to be integrated into the product suite of traditional trading platforms.

After a 48-hour ban, Claude reached the top of the App Store

Just the day before, ChatGPT was sitting right there

If this is the beginning of the triple halving, what are top investors saying about what to expect?

Hormuz Strait Blockade, Capital War, Oil and Bitcoin

Wall Street Rings Inflation Alarm Bells Amid Iran Tensions, What Does It Mean for Cryptocurrency?

Interest rates have remained stubbornly high, posing a challenge to the cryptocurrency bull case.

Qwen Open Source Model Enters Mobile, Nasdaq Tests Water Prediction Market, What's the Overseas Crypto Community Talking About Today?

What Was the Hottest Topic Among Expats in the Last 24 Hours?

MegaETH Co-founder: 48 Hours After Escaping Dubai, I Reassess the Entire Crypto Scene

The global environment is not favorable to us, but in the long run, it may be favorable to us.

Morning Report | Strategy increased its holdings by 3,015 bitcoins last week; BitMine increased its holdings by 50,928 ETH last week; Vitalik elaborated on the Ethereum execution layer roadmap

March 2 Market Key Events Overview

Why is it said that there are structural opportunities in encrypted AI?

When centralized AI falls into the dilemma of regulation and trust, Crypto + AI will become a structural escape route for safeguarding data and sovereignty in a multipolar world.

Make Probability an Asset: A Forward-Looking Perspective on Predictive Market Agents

The predictive market agents are expected to present early prototypes in early 2026, likely becoming an emerging product form in the field of agents in the following year.

Consumer application issues

The truly outstanding applications will not ask people to "use cryptocurrency," but will provide practical and better solutions to the problems that people already face.