Hackers have injected crypto-stealing code into multiple popular NPM packages in a massive supply chain attack, after compromising a maintainer’s account through phishing.
The attackers targeted NPM maintainer Josh Junon (Qix) and others with a phishing message sent from support@npmjs[.]help, an address that mimics NPM’s legitimate support@npmjs[.]com. The message directed the maintainers to update their 2FA credentials through a provided link.
“To maintain the security and integrity of your account, we kindly ask that you complete this update at your earliest convenience,” the phishing email reads. “Please note that accounts with outdated 2FA credentials will be temporarily locked starting September 10, 2025, to prevent unauthorized access.”
Qix fell for the trick and clicked on the link. It redirected the maintainer to a phishing website that prompted them to enter their username, password, and 2FA token, which allowed the threat actor to gain access to their account. The attackers then injected malicious code into nearly 20 popular NPM packages with over 2 billion combined weekly downloads.
Supply chain attack injects crypto-stealing code in over a dozen NPM packages
According to Aikido Security, which first detected the supply chain attack, the malicious code is a browser-based interceptor designed to steal cryptocurrency by hijacking and rewriting transaction requests, thus redirecting the coins to a threat actor’s wallet.
“This malware is essentially a browser-based interceptor that hijacks both network traffic and application APIs,” the security platform explained.
It works by first checking whether it is running in a browser, then hooking core browser networking functions, window.fetch and XMLHttpRequest, along with the wallet provider API exposed as window.ethereum.
This lets the threat actors intercept both web traffic and wallet activity, scanning for any string that resembles a wallet address or transaction request.
The malware recognizes address formats across several crypto platforms, including Bitcoin, Ethereum, Solana, Litecoin, Tron, and Bitcoin Cash. It then rewrites values in the requests and responses, silently altering transaction details in the background without updating the UI. If it is detected, it reduces how often it swaps addresses to cover its tracks.
“To make the changes harder to notice, it uses string-matching logic that replaces targets with look-alike values,” Aikido Security added.
“What makes it dangerous is that it operates at multiple layers: altering content shown on websites, tampering with API calls, and manipulating what users’ apps believe they are signing.”
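The interceptor described above works by replacing the browser’s own fetch, XMLHttpRequest and window.ethereum functions with wrappers. The following added example (written for this page, not code from Aikido or the article) is a small defensive check a web app or wallet front end can run at load time: it inspects the APIs the article names and reports any that are present but no longer native, which is what a JavaScript wrapper looks like. The hypothetical WATCHED list and the window-like object passed in are assumptions of the example.

```javascript
// Added example: audit a window-like object for monkey-patched browser/wallet APIs.
// A clean browser implements fetch, XMLHttpRequest.prototype.open/send and the wallet
// provider's request() natively; a wrapper installed by injected JS is an ordinary
// script function, so Function.prototype.toString no longer reports "[native code]".
// The reference to toString is captured once so a later patch of it is not used.
const nativeToString = Function.prototype.toString;

function looksNative(fn) {
  if (typeof fn !== "function") return false;
  return /\{\s*\[native code\]\s*\}\s*$/.test(nativeToString.call(fn));
}

// Dotted paths, relative to the window object, of the hook targets named in the article.
const WATCHED = [
  "fetch",
  "XMLHttpRequest.prototype.open",
  "XMLHttpRequest.prototype.send",
  "ethereum.request",
];

// Resolve "a.b.c" against root, returning undefined if any segment is missing.
function resolvePath(root, path) {
  return path.split(".").reduce((obj, key) => (obj == null ? undefined : obj[key]), root);
}

// Returns the watched paths whose function exists but is not native, i.e. has been wrapped.
// Paths that do not exist (no wallet installed, for example) are simply skipped.
function findHookedApis(win, watched = WATCHED) {
  const hooked = [];
  for (const path of watched) {
    const fn = resolvePath(win, path);
    if (fn !== undefined && !looksNative(fn)) hooked.push(path);
  }
  return hooked;
}

// Limitation: a wrapper created with Function.prototype.bind also prints "[native code]",
// so a clean result is a hint that the page has not been tampered with, not proof.
```

In a browser you would call `findHookedApis(window)` early in page load and refuse to sign or surface a warning if it returns anything.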
Crypto owners who visit infected websites and connect their wallets are the core targets. However, according to Security Alliance, the supply chain attack had limited impact. Within 24 hours, the threat actors had stolen only $0.05 of Ethereum and $20 of a memecoin with a daily trading volume of $588.
The security advocacy group also assessed that the most significant financial impact of the supply chain attack would be the time spent cleaning the infected NPM packages. Nevertheless, additional NPM packages that were not part of the initial attack were later affected.
Accordingly, developers should check whether they are using any impacted NPM packages, clear their NPM cache, and reinstall all packages. They should also commit a package lock file and ensure they only install pinned versions.
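The remediation steps above can be scripted. The following added example (written for this page, not code from the article or from NPM) walks a lockfileVersion 2/3 package-lock.json for packages on an impact list, including nested copies, and flags package.json dependencies declared as ranges rather than exact versions. The package name and versions in IMPACTED are constructed placeholders; the names of the packages actually compromised are not given on this page.

```javascript
// Added example: find impacted packages in package-lock.json and unpinned ranges in package.json.
// IMPACTED maps a package name to the set of versions to treat as compromised.
// The entry below is a constructed placeholder, not a package from the incident.
const IMPACTED = new Map([
  ["example-impacted-pkg", new Set(["1.2.3", "1.2.4"])],
]);

// Walk the "packages" map of a lockfileVersion 2/3 lockfile. Keys look like
// "node_modules/foo" or "node_modules/foo/node_modules/@scope/bar"; the package name is
// whatever follows the last "node_modules/", so nested copies are found too.
function findImpacted(lock, impacted = IMPACTED) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === "") continue; // the root project entry
    const name = path.slice(path.lastIndexOf("node_modules/") + "node_modules/".length);
    const bad = impacted.get(name);
    if (bad && bad.has(meta.version)) hits.push({ path, name, version: meta.version });
  }
  return hits;
}

// An exact version is MAJOR.MINOR.PATCH with an optional prerelease/build suffix.
// A range such as "^1.2.3", "~1.2.3", "1.x", "*" or ">=1.0.0" lets the next install
// pick up a newly published malicious release; an exact version does not.
const EXACT = /^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.+-]+)?$/;

function findUnpinned(pkg) {
  const unpinned = [];
  for (const field of ["dependencies", "devDependencies"]) {
    for (const [name, range] of Object.entries(pkg[field] || {})) {
      if (!EXACT.test(range)) unpinned.push({ field, name, range });
    }
  }
  return unpinned;
}

// Usage in a project: read the two files from disk and act on the results.
//   const lock = JSON.parse(require("fs").readFileSync("package-lock.json", "utf8"));
//   const pkg = JSON.parse(require("fs").readFileSync("package.json", "utf8"));
//   findImpacted(lock); findUnpinned(pkg);
```

If findImpacted reports anything, clear the cache and reinstall strictly from the lockfile (`npm cache clean --force`, then `npm ci`); setting `save-exact=true` in .npmrc makes future `npm install` calls record exact versions.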
“This incident represents a watershed moment in software supply chain security,” said Ensar Seker, CISO at SOCRadar. “The compromise of NPM packages with over 2.6 billion weekly downloads highlights just how devastating upstream attacks can be when they exploit the foundational trust built into open-source ecosystems.
“Attackers didn’t need to break into servers or bypass technical defenses; they simply hijacked a legitimate maintainer’s account through a targeted phishing campaign. That alone granted them the keys to a vast software kingdom,” added Seker.
Meanwhile, the identity of the threat actor behind the supply chain attack remains unknown. However, state-sponsored North Korean hackers have frequently leveraged JavaScript code and frameworks to target crypto owners.
NPM packages need to be better secured
According to Martin Jartelius, CTO at Outpost24, the supply chain attack is a sobering reminder that using open-source components involves trusting someone else’s code and their ability to secure it.
“That trust can be broken through compromise, mistakes, or even bad intent,” he warned. “The reality is that businesses continue to rely on third-party libraries because rebuilding everything from scratch is unrealistic.”
However, Roger Grimes, Data-Driven Defense Evangelist at KnowBe4, questioned why open-source libraries are compromised so often and why maintainers still lack phishing-resistant multi-factor authentication (MFA).
“Is this the thousandth time NPM packages have been compromised this decade?” Grimes asked. “What’s the over/under on that number? Can’t be that much. The idea that maintainers are still not using phishing-resistant MFA to protect their maintainer accounts is so, so not understandable. Cybercriminals want to compromise NPMs and do so all the time. And yet, maintainer after maintainer doesn’t get and use phishing-resistant MFA!”
He warned that most cybersecurity professionals have failed to educate users that 85% to 95% of MFA technologies are just as phishable as the usernames and passwords they replace.
“And to every cybersecurity expert and guide that says, ‘You should be using MFA’ and not ‘You must be using phishing-resistant MFA (like FIDO, Yubikeys, passkeys, etc.)’ you’re doing a HUGE disservice to your congregation. You are contributing to the problem. Both need to change their ways,” he concluded.