Ledger CTO: NPM Attacker Failed, With Virtually No Victims

BlockBeats News, September 9th: Ledger's Chief Technology Officer Charles Guillemet posted an update stating, "Latest on NPM Attack: Fortunately, the attack did not succeed, and there were almost no victims."

The attack began with a phishing email disguised as an npm support domain, stealing user credentials, allowing the attacker to publish malicious package updates. The injected code targeted web3 activities, infiltrating chains like Ethereum, Solana, and hijacking transactions to directly replace wallet addresses in network responses. The attacker's mistake led to the collapse of the CI/CD pipeline, enabling early detection and limiting the impact.

Nevertheless, this is a clear reminder: if your funds are held in a software wallet or exchange, a single code execution could lead to a complete loss. Supply chain attacks remain a potent vector for malware distribution, and we are witnessing increasingly targeted attacks.

Hardware wallets are designed to withstand such threats. Features like "Clear Signing" allow you to accurately verify transaction contents, while "Transaction Verification" can flag suspicious activities before issues arise. The immediate danger may have passed, but the threat still looms. Stay safe."

Earlier today, BlockBeats reported a large-scale ongoing supply chain attack: a prominent developer's NPM account was compromised. The affected package has been downloaded over 1 billion times, potentially putting the entire JavaScript ecosystem at risk.