Hack

Hackers tried to backdoor Injective npm package to steal wallet keys

CoinTelegraph5h agoUpdated 4h ago
Hackers tried to backdoor Injective npm package to steal wallet keys
Smart Read

Hackers attempted to compromise Injective's npm package with a backdoor designed to steal wallet private keys, Socket researchers discovered. The attack targeted developers and applications managing Injective wallet operations, posing significant risks to user funds. This highlights npm supply chain vulnerabilities affecting crypto projects. Indian developers using Injective should audit their dependencies immediately and update to patched versions to prevent potential key compromise.

Key takeaways

  • 1Hackers attempted to inject a backdoor into Injective's npm package to steal private wallet keys from developers.
  • 2Socket researchers discovered the supply chain attack targeting applications managing Injective wallet operations.
  • 3Indian developers using Injective must immediately audit dependencies and update to patched versions to prevent key compromise.

Coins in this story

Why it matters

This npm supply chain vulnerability exposes Indian crypto developers and retail investors to direct fund theft through compromised wallet keys, highlighting critical security risks in cryptocurrency infrastructure that require immediate attention.

Related stories

Robinhood Chain sees over $70M in ETH bridged during first week
CoinTelegraph3h ago60-word brief

Robinhood Chain sees over $70M in ETH bridged during first week

Robinhood Chain, an Arbitrum-based layer-2 network, bridged over $70 million ETH in its first week since July 1 launch. The AI-native platform tokenizes real-world assets and stocks across 120+ countries. Daily active users hit 194,000 with $39,000 daily revenue. Experts view this as structural positive for Ethereum, creating new ETH demand through gas fees and settlement layer positioning.

Zcash targets July 28 launch for Ironwood network upgrade
CoinTelegraph4h ago60-word brief

Zcash targets July 28 launch for Ironwood network upgrade

Zcash’s next upgrade will replace the once-compromised Orchard pool and may offer clues about whether counterfeit tokens were created via a recent bug....

BitGo Adds Quantum-Risk Controls to Bitcoin Custody
Bitcoin Magazine18h ago60-word brief

BitGo Adds Quantum-Risk Controls to Bitcoin Custody

Bitcoin Magazine BitGo Adds Quantum-Risk Controls to Bitcoin Custody BitGo launched new quantum-risk tools that help institutional Bitcoin holders identify and reduce potential future quantum-computing exposure in their custody wallets. This post BitGo Adds Quantum-Risk Controls to Bitcoin Custody first appeared on Bitcoin Magazine and is written by Micah Zi...

KryptoKite aggregates and summarises third-party crypto news. This is informational content, not investment advice. KryptoKite does not recommend buying or selling any asset.