A widespread supply chain attack targeting popular JavaScript packages has surprisingly netted hackers only $1,043 in cryptocurrency. The attack compromised npm packages used by 99% of cloud environments, making it potentially the largest npm compromise in history. Despite its massive reach, quick detection and narrow targeting limited the financial damage.
- 10% of cloud environments contained the malicious code, with 99% using the targeted JavaScript packages
- The attack was detected within two hours of publication, limiting financial damage to $1,043 in mostly ERC-20 tokens
- Wiz researchers call this potentially 'the largest npm compromise in history' despite the limited financial impact
