Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesEarnSquareMore
Bitget
News
Markets
NPM Worm Attack Hits 400+ Crypto Packages

NPM Worm Attack Hits 400+ Crypto Packages

CoinomediaCoinomedia2025/11/25 02:24
By:Ava NakamuraAva Nakamura

Over 400 NPM packages, including ENS and crypto libraries, were targeted by a worm-style attack stealing wallet keys and dev credentials.Key Crypto Libraries CompromisedWhat Developers Should Do Now

  • Over 400 NPM packages infected by a malicious worm
  • ENS and crypto libraries among the affected
  • Attackers stole wallet keys and developer credentials

In a significant security incident, more than 400 NPM packages have been compromised by a sophisticated worm-style attack. The breach affected numerous key crypto-related libraries, including those connected to the Ethereum Name Service (ENS), sending shockwaves across the blockchain developer community.

According to initial reports, the worm infiltrated the packages and silently stole sensitive data such as wallet private keys and developer credentials. This method of attack is especially dangerous as it spreads from one package to another, increasing its reach with every compromised dependency.

Key Crypto Libraries Compromised

Some of the impacted packages include vital libraries used by developers building on Ethereum and other blockchain networks. This includes packages related to ENS, a widely used decentralized domain service on Ethereum. These libraries are often integrated deep within larger projects, making the worm’s reach extensive and dangerous.

The attack highlights vulnerabilities in software supply chains, especially when developers rely on open-source packages without rigorous audits. Once a developer installs an infected package, their credentials and wallet data could be silently exfiltrated, putting both personal and project assets at risk.

What Developers Should Do Now

Security experts recommend that all developers using NPM, especially in Web3 or crypto-related projects, conduct immediate audits of their dependencies. Here are some steps to take:

  • Check for recent updates to any packages related to ENS or wallet functionality.
  • Review NPM package maintainers and verify the integrity of packages you depend on.
  • Rotate developer credentials and regenerate any wallet keys that may have been exposed.
  • Use security tools that monitor for malicious behavior in dependencies.

This incident serves as a stark reminder that even trusted package ecosystems like NPM can be vectors for large-scale attacks. Vigilance and quick action are crucial in minimizing damage and preventing future compromises.

0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Earn new token airdrops
Lock your assets and earn 10%+ APR
Lock now!

You may also like

Ethereum Updates: Ethereum Drops to $2,800, Prompting Surge in Demand for ZKP's Hardware-Based Presale

- Ethereum's price fell below $2,800, triggering $6.5M liquidations and testing critical support levels amid declining on-chain demand metrics. - Institutional players like BitMine accumulated 3.62M ETH (~$10.4B) despite the selloff, signaling long-term bullish conviction. - ZKP's hardware-driven presale gained traction with $17M in ready-to-ship Proof Pods and Miami Dolphins partnership for privacy-focused sports analytics. - Mutuum Finance's $19M DeFi presale and ZKP's auction model with $50K wallet caps

Bitget-RWA2025/11/27 18:44
Ethereum Updates: Ethereum Drops to $2,800, Prompting Surge in Demand for ZKP's Hardware-Based Presale

Vitalik Buterin Supports ZKsync: What This Means for Layer 2 Scaling

- Vitalik Buterin endorsed ZKsync in late 2025, highlighting its "underrated and valuable" work alongside the Atlas upgrade achieving 15,000 TPS and $0.0001 fees. - ZKsync's zero-knowledge rollups and EVM compatibility enabled institutional adoption by Deutsche Bank , Sony , and Goldman Sachs for cross-chain and enterprise use cases. - The Fusaka upgrade aims to double throughput to 30,000 TPS by December 2025, positioning ZKsync to compete with Polygon zkEVM and StarkNet in Ethereum's Layer 2 landscape. -

Bitget-RWA2025/11/27 18:44
Vitalik Buterin Supports ZKsync: What This Means for Layer 2 Scaling

The ZK Atlas Enhancement: Revolutionizing Blockchain Scalability?

- ZKsync's 2025 Atlas Upgrade achieves 15,000–43,000 TPS with sub-1-second finality, addressing Ethereum L2 scalability bottlenecks via Airbender proofs and modular OS. - DeFi protocols like Aave and Lido leverage ZKsync's $0.0001/tx costs to unify liquidity, while Deutsche Bank and Sony adopt its trustless cross-chain infrastructure for compliance and transparency. - ZK token surged 150% post-upgrade, with TVL hitting $3.3B and analysts projecting 60.7% CAGR for ZK Layer-2 solutions by 2031 amid instituti

Bitget-RWA2025/11/27 18:44
The ZK Atlas Enhancement: Revolutionizing Blockchain Scalability?

XRP News Update: XRP ETFs Spark Optimism—Is $1,115 Within Reach?

- XRP's price surge to $2.20 is driven by ETF launches, with $422M inflows from Franklin Templeton and Grayscale. - Technical indicators suggest a potential $2.50+ rally if support at $1.84 holds, with long-term forecasts reaching $26.50 by 2030. - Institutional adoption of Ripple's ODL and Ripple USD's $1B+ market cap highlight growing utility beyond remittances. - Regulatory clarity post-SEC ruling and macroeconomic factors remain critical for XRP's $1,115 potential in ultra-bullish scenarios.

Bitget-RWA2025/11/27 18:29
XRP News Update: XRP ETFs Spark Optimism—Is $1,115 Within Reach?

Trending news

More
1

Ethereum Updates: Ethereum Drops to $2,800, Prompting Surge in Demand for ZKP's Hardware-Based Presale

2

Vitalik Buterin Supports ZKsync: What This Means for Layer 2 Scaling

Crypto prices

More
Bitcoin
Bitcoin
BTC
$91,720.84
+2.07%
Ethereum
Ethereum
ETH
$3,033.83
+0.43%
Tether USDt
Tether USDt
USDT
$1
+0.05%
XRP
XRP
XRP
$2.23
-0.15%
BNB
BNB
BNB
$897.62
+0.88%
Solana
Solana
SOL
$142.85
-0.34%
USDC
USDC
USDC
$0.9999
+0.01%
TRON
TRON
TRX
$0.2801
+1.45%
Dogecoin
Dogecoin
DOGE
$0.1542
-0.98%
Cardano
Cardano
ADA
$0.4368
+0.91%
How to buy BTC
Bitget lists BTC – Buy or sell BTC quickly on Bitget!
Trade now
Become a trader now?A welcome pack worth 6200 USDT for new users!
Sign up now
About Bitget
About Bitget Contact us Community Careers Bitget Academy Bitget Blog Bitget Token (BGB) Announcement Center Proof of Reserves Protection Fund Partner links LALIGA partnership MotoGP partnership Blockchain4Youth Blockchain4Her Sitemap
Products
Spot Futures Onchain Stock Margin Earn Spot copy trading Futures copy trading Bot copy trading Bots APIs TraderPro Web3 wallet Fiat OTC Bitget Swap Telegram Apps Center Discord Apps Center Airdrop library
Buy crypto
Buy crypto Buy Bitcoin Buy ETH Buy DOGE Buy XRP Buy BGB Buy SHIB Crypto prices Bitcoin price Ethereum price Solana price chart Calculator Bitcoin ETF Crypto wiki XRP price Pi Network price ADA price Solana price Trump coin price Dogecoin price BRC-20 price
Support
Submit feedback Help Center Verify official channels Anti-scam hub Listing application VIP services Affiliate program Institutional services Asset custody Download data Promotions Referral program Fee schedule Tax filing API
Legal
Law enforcement request Regulatory request Compliance Regulatory license AML/CFT policies Privacy policy Terms of Service Risk disclosure
Scan to download
© 2025 Bitget