Malicious npm Packages Target Ethereum Developers, Steal Wallet Keys

Summary

Four malicious npm packages impersonating legitimate cryptographic utilities and Flashbots infrastructure have been discovered. These packages, uploaded by a user named 'flashbotts', exfiltrate private keys and mnemonic seeds to a Telegram bot controlled by the threat actor. The packages were uploaded between September 2023 and August 2025 and remain available for download. The packages are designed to steal cryptocurrency wallet credentials from Ethereum developers, leveraging the trust associated with the Flashbots platform. The most dangerous package, '@flashbotts/ethers-provider-bundle', redirects unsigned transactions to an attacker-controlled wallet and logs metadata from pre-signed transactions. Other packages, such as 'sdk-ethers' and 'flashbot-sdk-eth', also exfiltrate private keys and mnemonic seed phrases. The threat actor's Vietnamese-language comments in the source code suggest a financially motivated attack that exploits trust within the Ethereum ecosystem to conduct software supply chain attacks.
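As an added illustration of the defensive check a developer would want after reading this summary (example code written here, not from the article, from Flashbots, or from the npm project): a small Node.js script that walks a package-lock.json, in both the v1 nested "dependencies" layout and the v2/v3 "packages" map, and flags the three package names and the 'flashbotts' publisher scope named above. The sample lockfile and its version numbers are constructed for the example, and the assumption that the legitimate publisher scope is @flashbots/ is the example's own, not something the summary states.

```javascript
// Added example (not from the article): audit a package-lock.json for the
// malicious package names and publisher scope described in the summary.

// Package names taken from the summary above.
const KNOWN_MALICIOUS = new Set([
  '@flashbotts/ethers-provider-bundle',
  'sdk-ethers',
  'flashbot-sdk-eth',
]);
// Publisher scope of the malicious uploads (from the summary).
const SUSPICIOUS_SCOPES = ['@flashbotts/'];
// ASSUMPTION for this example: the legitimate Flashbots scope is @flashbots/.
const LEGIT_SCOPE = '@flashbots/';

// Collect every installed package as { name, version, path }.
// v2/v3 lockfiles carry a "packages" map keyed by node_modules path; v1
// lockfiles nest "dependencies". v2 has both, so prefer "packages" when present
// to avoid double counting.
function collectPackages(lock) {
  const found = [];
  if (lock.packages) {
    for (const [p, meta] of Object.entries(lock.packages)) {
      if (p === '') continue; // root project entry, not a dependency
      const marker = 'node_modules/';
      const name = meta.name || p.slice(p.lastIndexOf(marker) + marker.length);
      found.push({ name, version: meta.version, path: p });
    }
    return found;
  }
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const p = `${prefix}node_modules/${name}`;
      found.push({ name, version: meta.version, path: p });
      if (meta.dependencies) walk(meta.dependencies, p + '/');
    }
  };
  walk(lock.dependencies, '');
  return found;
}

// Classify each package: exact match on the known names, anything under the
// malicious scope, or a lookalike (contains "flashbot" but is not in the
// legitimate scope). Returns one finding per flagged package.
function auditLockfile(lock) {
  const findings = [];
  for (const pkg of collectPackages(lock)) {
    let reason = null;
    if (KNOWN_MALICIOUS.has(pkg.name)) reason = 'known-malicious';
    else if (SUSPICIOUS_SCOPES.some((s) => pkg.name.startsWith(s))) reason = 'suspicious-scope';
    else if (/flashbot/i.test(pkg.name) && !pkg.name.startsWith(LEGIT_SCOPE)) reason = 'lookalike-name';
    if (reason) findings.push({ ...pkg, reason });
  }
  return findings;
}

// Constructed sample lockfile (v3 layout); versions are made up for the example.
const SAMPLE_LOCK = {
  name: 'mev-bot-demo',
  lockfileVersion: 3,
  packages: {
    '': { name: 'mev-bot-demo', version: '1.0.0' },
    'node_modules/ethers': { version: '6.13.0' },
    'node_modules/@flashbots/ethers-provider-bundle': { version: '1.0.0' },
    'node_modules/@flashbotts/ethers-provider-bundle': { version: '1.0.0' },
    'node_modules/sdk-ethers': { version: '0.1.0' },
    'node_modules/some-lib': { version: '2.0.0' },
    'node_modules/some-lib/node_modules/flashbot-sdk-eth': { version: '0.0.3' },
  },
};

// Usage: node audit-lockfile.js [path/to/package-lock.json]
// Without an argument the constructed sample is audited.
if (typeof require === 'function' && require.main === module) {
  const fs = require('fs');
  const lock = process.argv[2]
    ? JSON.parse(fs.readFileSync(process.argv[2], 'utf8'))
    : SAMPLE_LOCK;
  const findings = auditLockfile(lock);
  for (const f of findings) {
    console.log(`${f.reason}: ${f.name}@${f.version} (${f.path})`);
  }
  if (findings.length === 0) console.log('no flagged packages');
}
```

The check deliberately reads the lockfile rather than package.json, because a transitive dependency (the `flashbot-sdk-eth` nested under `some-lib` in the sample) is exactly what a top-level manifest review misses; the legitimate `@flashbots/` package in the sample is left unflagged so the output separates the typosquat from the real thing.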

Timeline

  1. 06.09.2025 09:42 (1 article)

    Malicious npm Packages Impersonating Flashbots Target Ethereum Developers

    Four malicious npm packages, uploaded between September 2023 and August 2025, have been discovered impersonating legitimate cryptographic utilities and Flashbots infrastructure. These packages exfiltrate private keys and mnemonic seeds to a Telegram bot controlled by the threat actor. The packages remain available for download as of September 2025, posing a significant risk to Ethereum developers.

Similar Happenings

Malicious nx Packages Exfiltrate 2,349 GitHub, Cloud, and AI Credentials in Supply Chain Attack

A supply chain attack on the nx build system compromised multiple npm packages, leading to the exfiltration of 2,349 GitHub, cloud, and AI credentials. The attack unfolded in three distinct phases, impacting 2,180 accounts and 7,200 repositories. The attack exploited a vulnerable workflow in the nx repository to publish malicious versions of the nx package and supporting plugins.

The compromised packages scanned file systems for credentials and sent them to attacker-controlled GitHub repositories. The attack impacted over 1,346 repositories and affected Linux and macOS systems. The nx maintainers identified the root cause as a vulnerable workflow added on August 21, 2025, that allowed for the injection of executable code via a pull request title. The malicious packages were published on August 26, 2025, and have since been removed from the npm registry. The attackers leveraged the GITHUB_TOKEN to trigger the publish workflow and exfiltrate the npm token. The malicious postinstall script scanned systems for text files, collected credentials, and sent them to publicly accessible GitHub repositories. The script also modified .zshrc and .bashrc files to shut down the machine immediately upon user interaction. The nx maintainers have rotated npm and GitHub tokens, audited activities, and updated publish access to require two-factor authentication.

Wiz researchers identified a second attack wave impacting over 190 users/organizations and over 3,000 repositories. The second wave involved making private repositories public and creating forks to preserve data. GitGuardian's analysis revealed that 33% of compromised systems had at least one LLM client installed, and 85% were running Apple macOS. The attack took approximately four hours from start to finish. AI-powered CLI tools were used to dynamically scan for high-value secrets. The malware created public repositories on GitHub to store stolen data. The attack impacted over 1,000 developers, exfiltrating around 20,000 sensitive files. The malware modified shell startup files to crash systems upon terminal access. The attack was detected by multiple cybersecurity vendors. The malicious packages were removed from npm at 2:44 a.m. UTC on August 27, 2025. GitHub disabled all singularity-repository instances by 9 a.m. UTC on August 27, 2025. Around 90% of leaked GitHub tokens remain active as of August 28, 2025.

Malicious PyPI and npm Packages Exploit Dependencies in Supply Chain Attacks

Cybersecurity researchers have identified malicious packages in the Python Package Index (PyPI) and npm repositories that exploit dependencies to execute supply chain attacks. The PyPI package termncolor, with 355 downloads, and its dependency colorinal, with 529 downloads, were found to perform DLL side-loading to achieve persistence and remote code execution. The malware can infect both Windows and Linux systems. Additionally, npm packages were discovered to harvest sensitive data, including iCloud Keychain, web browser, and cryptocurrency wallet information. The attacks highlight the risks associated with automated dependency upgrades and the importance of monitoring open-source ecosystems for potential threats. In a recent supply chain attack, attackers injected malware into npm packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack. The attack impacted roughly 10% of all cloud environments. The malware operates by injecting itself into the web browser, monitoring cryptocurrency transactions, and redirecting them to attacker-controlled wallet addresses. The compromised packages include debug, chalk, and ansi-styles, among others. The impact of the attack is limited to fresh installs between ~9 AM and ~11.30 AM ET on September 8, 2025, when the packages were compromised. This attack follows a series of similar incidents targeting JavaScript libraries, highlighting the ongoing threat to the open-source ecosystem.