
Injective said the security vulnerability was patched up immediately and claims there were no downloads of the malicious package.
Hackers compromised a widely used Injective software package in a supply chain attack with malware in an attempt to steal crypto wallet private keys.
Security firm Socket discovered on Thursday that a popular NPM (node package manager) with around 50,000 weekly downloads used for building on the Injective blockchain was maliciously modified to steal wallet private keys and seed phrases.
Socket reported that the malware had been downloaded more than 300 times, and “the campaign itself isn’t yet fully contained, despite the developer whose account was infiltrated quickly detected the compromise.
You can get bonuses upto $100 FREE BONUS when you:
💰 Install these recommended apps:
💲 SocialGood - 100% Crypto Back on Everyday Shopping
💲 xPortal - The DeFi For The Next Billion
💲 CryptoTab Browser - Lightweight, fast, and ready to mine!
💰 Register on these recommended exchanges:
🟡 Binance🟡 Bitfinex🟡 Bitmart🟡 Bittrex🟡 Bitget
🟡 CoinEx🟡 Crypto.com🟡 Gate.io🟡 Huobi🟡 Kucoin.
Comments