Ledger CTO warns NPM attacks failed but still need to be alert

According to Shenchao TechFlow, on September 9, Ledger Chief Technology Officer Charles Guillemet said that the NPM attack failed and almost no victims were lost. The attacker stole user credentials through fake npm-enabled domain names and released malware package updates. Injecting code targets web encryption activities, invades blockchain networks such as Ethereum and Solana to hijack transactions, and replaces wallet addresses. Due to the attacker's operational error, the CI/CD process crashed, the attack was discovered in advance, and the scope of impact was limited. However, this is still a clear warning: if funds are stored in a software wallet or exchange, all funds may be lost if they only need one code execution. Supply chain security vulnerabilities are still an important way to spread malware, and targeted attacks are increasing. Although the current danger has passed, the threat is still there. Be sure to be vigilant and ensure safety. Previous news, the developer Qix was attacked by phishing, and several popular npm packages were implanted with malicious code.