@dikarro

⚠️ The Most Important About the NPM Package Hack It feels like barely a month goes by without another attack on crypto infrastructure. This time, popular npm packages used by countless websites worldwide were compromised. Hackers gained access to the source code and injected malicious logic designed to: 1️⃣ Detect the presence of an Ethereum wallet 2️⃣ Replace the recipient’s address when a transaction is sent What does this mean for users? 🔹 Simply connecting your wallet is safe, nothing happens at that stage. 🔹 The risk arises only when confirming a transaction. The wallet will display the attacker’s substituted address, and if you manually approve it, that is when you lose your funds. 🔹 The breach only affects websites that recently updated their dependencies and pulled in the infected packages. Many projects pin specific versions, so not all are vulnerable. What should you do? ❗️ For the next few days, be extra careful when signing transactions.

0 reply

0 recast

0 reaction