zCat on Nostr: Researchers Uncover Backdoor in Solana's Popular Web3[.]js npm Library
Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3[.]js npm library that involved pushing two malicious versions capable of harvesting users' private keys with an aim to drain their cryptocurrency wallets.
The attack has been detected in versions 1.95.6 and 1.95.7. Both these versions are no longer available for download from the npm registry. The package is widely used, attracting over 400,000 weekly downloads.
"These compromised versions contain injected malicious code that is designed to steal private keys from unsuspecting developers and users, potentially enabling attackers to drain cryptocurrency wallets," Socket said in a report.
@solana/web3[.]js is an npm package that can be used to interact with the Solana JavaScript software development kit (SDK) for building Node[.]js and web apps.
See more:
The Hacker News: https://thehackernews.com/2024/12/researchers-uncover-backdoor-in-solanas.html
SecurityWeek: https://www.securityweek.com/solana-web3-js-library-backdoored-in-supply-chain-attack/
BleepingComputer: https://www.bleepingcomputer.com/news/security/solana-web3js-library-backdoored-to-steal-secret-private-keys/
#cybersecurity #solana #malware #c2