NPM Developer Account Attacker Currently Suspected to Have Profited Only Around $20

BlockBeats News, September 9th, according to CertiK Alert monitoring, developer Qix's NPM account was targeted in a phishing attack, with the attacker injecting malicious code into npm. According to Security Alliance, the attacker seems to have only profited about 0.05 USD worth of ETH and 20 USD worth of Meme coin.

Previously reported, Ledger CTO Charles Guillemet posted, "A large-scale supply chain attack is currently taking place: a well-known developer's NPM account has been compromised. The affected package has been downloaded over 1 billion times, which means the entire JavaScript ecosystem may be at risk. The malicious code works by silently modifying cryptocurrency addresses in the background to steal funds."