has experienced a breach<\/a>. This breach was utilized to deploy malware that targets and seeks out bitcoin and cryptocurrency wallets on users’ devices. When identified, the malware would modify the code functions responsible for handling transaction signing and substitute the address a user intends to send funds to with one of the malware creator\u2019s own addresses.<\/p>\nThis should primarily be an issue for users of web wallets, particularly within the Bitcoin ecosystem Ordinals or Runes\/other token users, unless an update for your usual software wallet coincidentally was released just earlier today with the compromised dependency, or if your wallet dynamically loads code directly from the wallet backend bypassing the app store, you should remain secure.<\/p>\n
NPM serves as a package manager for Node.js, a widely-used Javascript framework. This signifies that it is employed to obtain extensive collections of pre-written code utilized for standard functionality to be integrated into various applications without requiring the developer to rewrite fundamental functions independently.<\/p>\n
The affected packages were not exclusively related to cryptocurrency, but were packages employed by innumerable standard applications developed with Node.js, not solely cryptocurrency wallets.<\/p>\n
If you are employing a hardware wallet alongside your web wallet, exercise additional vigilance to verify on the device itself that the destination address you are sending to is accurate prior to signing anything.<\/p>\n
If you are utilizing software keys within the web wallet itself, it would be prudent to refrain from opening them or conducting transactions until you are confident that you are not operating a vulnerable version of the wallet. The most secure approach would be to await an announcement from the team responsible for the wallet you utilize.<\/p>\n<\/p><\/div>\n<\/div>\n
\n
Source link <\/a>
\n“`<\/p>\n","protected":false},"excerpt":{"rendered":"“`html A prominent NPM developer, qix, has experienced a breach. This breach was utilized to deploy malware that targets and seeks out bitcoin and cryptocurrency wallets on users’ devices. When identified, the malware would modify the code functions responsible for handling transaction signing and substitute the address a user intends to send funds to with<\/p>\n","protected":false},"author":3,"featured_media":15851,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22],"tags":[3554],"class_list":["post-15850","post","type-post","status-publish","format-standard","has-post-thumbnail","category-bitcoin","tag-gptreturn-a-list-of-comma-separated-tags-from-this-title-javascript-library-compromise-goes-after-bitcoin-wallets-gpt"],"yoast_head":"\n
JavaScript Library Breach Targets Bitcoin Wallets - WSJ-Crypto<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/\" \/>\n<meta property=\"og:locale\" content=\"it_IT\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"JavaScript Library Breach Targets Bitcoin Wallets - WSJ-Crypto\" \/>\n<meta property=\"og:description\" content=\"“`html A prominent NPM developer, qix, has experienced a breach. This breach was utilized to deploy malware that targets and seeks out bitcoin and cryptocurrency wallets on users’ devices. When identified, the malware would modify the code functions responsible for handling transaction signing and substitute the address a user intends to send funds to with\" \/>\n<meta property=\"og:url\" content=\"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/\" \/>\n<meta property=\"og:site_name\" content=\"WSJ-Crypto\" \/>\n<meta property=\"article:published_time\" content=\"2025-09-09T03:20:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/09\/NPM-Malware-Attack.webp.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"wsjcrypto\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Scritto da\" \/>\n\t<meta name=\"twitter:data1\" content=\"wsjcrypto\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tempo di lettura stimato\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minuto\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/\",\"url\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/\",\"name\":\"JavaScript Library Breach Targets Bitcoin Wallets - WSJ-Crypto\",\"isPartOf\":{\"@id\":\"https:\/\/wsj-crypto.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/09\/NPM-Malware-Attack.webp.webp\",\"datePublished\":\"2025-09-09T03:20:31+00:00\",\"author\":{\"@id\":\"https:\/\/wsj-crypto.com\/#\/schema\/person\/88a93723b30416db1a352d5a0096c4a7\"},\"breadcrumb\":{\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/#breadcrumb\"},\"inLanguage\":\"it-IT\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/#primaryimage\",\"url\":\"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/09\/NPM-Malware-Attack.webp.webp\",\"contentUrl\":\"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/09\/NPM-Malware-Attack.webp.webp\",\"width\":1200,\"height\":630,\"caption\":\"Shinobi\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/wsj-crypto.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"JavaScript Library Breach Targets Bitcoin Wallets\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/wsj-crypto.com\/#website\",\"url\":\"https:\/\/wsj-crypto.com\/\",\"name\":\"WSJ-Crypto\",\"description\":\"Just Another Crypto News Website\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/wsj-crypto.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"it-IT\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/wsj-crypto.com\/#\/schema\/person\/88a93723b30416db1a352d5a0096c4a7\",\"name\":\"wsjcrypto\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/wsj-crypto.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/86fe8af82ea089646d6639ca2f87e0243d8688d957bd8e3ec22ec3c457cc16d4?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/86fe8af82ea089646d6639ca2f87e0243d8688d957bd8e3ec22ec3c457cc16d4?s=96&d=mm&r=g\",\"caption\":\"wsjcrypto\"},\"url\":\"https:\/\/wsj-crypto.com\/index.php\/author\/wsjcrypto\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"JavaScript Library Breach Targets Bitcoin Wallets - WSJ-Crypto","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/","og_locale":"it_IT","og_type":"article","og_title":"JavaScript Library Breach Targets Bitcoin Wallets - WSJ-Crypto","og_description":"“`html A prominent NPM developer, qix, has experienced a breach. This breach was utilized to deploy malware that targets and seeks out bitcoin and cryptocurrency wallets on users’ devices. When identified, the malware would modify the code functions responsible for handling transaction signing and substitute the address a user intends to send funds to with","og_url":"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/","og_site_name":"WSJ-Crypto","article_published_time":"2025-09-09T03:20:31+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/09\/NPM-Malware-Attack.webp.webp","type":"image\/webp"}],"author":"wsjcrypto","twitter_card":"summary_large_image","twitter_misc":{"Scritto da":"wsjcrypto","Tempo di lettura stimato":"1 minuto"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/","url":"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/","name":"JavaScript Library Breach Targets Bitcoin Wallets - WSJ-Crypto","isPartOf":{"@id":"https:\/\/wsj-crypto.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/#primaryimage"},"image":{"@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/#primaryimage"},"thumbnailUrl":"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/09\/NPM-Malware-Attack.webp.webp","datePublished":"2025-09-09T03:20:31+00:00","author":{"@id":"https:\/\/wsj-crypto.com\/#\/schema\/person\/88a93723b30416db1a352d5a0096c4a7"},"breadcrumb":{"@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/#breadcrumb"},"inLanguage":"it-IT","potentialAction":[{"@type":"ReadAction","target":["https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/"]}]},{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/#primaryimage","url":"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/09\/NPM-Malware-Attack.webp.webp","contentUrl":"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/09\/NPM-Malware-Attack.webp.webp","width":1200,"height":630,"caption":"Shinobi"},{"@type":"BreadcrumbList","@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/09\/09\/javascript-library-breach-targets-bitcoin-wallets\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/wsj-crypto.com\/"},{"@type":"ListItem","position":2,"name":"JavaScript Library Breach Targets Bitcoin Wallets"}]},{"@type":"WebSite","@id":"https:\/\/wsj-crypto.com\/#website","url":"https:\/\/wsj-crypto.com\/","name":"WSJ-Crypto","description":"Just Another Crypto News Website","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/wsj-crypto.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"it-IT"},{"@type":"Person","@id":"https:\/\/wsj-crypto.com\/#\/schema\/person\/88a93723b30416db1a352d5a0096c4a7","name":"wsjcrypto","image":{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/wsj-crypto.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/86fe8af82ea089646d6639ca2f87e0243d8688d957bd8e3ec22ec3c457cc16d4?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/86fe8af82ea089646d6639ca2f87e0243d8688d957bd8e3ec22ec3c457cc16d4?s=96&d=mm&r=g","caption":"wsjcrypto"},"url":"https:\/\/wsj-crypto.com\/index.php\/author\/wsjcrypto\/"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/posts\/15850","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/comments?post=15850"}],"version-history":[{"count":2,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/posts\/15850\/revisions"}],"predecessor-version":[{"id":15853,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/posts\/15850\/revisions\/15853"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/media\/15851"}],"wp:attachment":[{"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/media?parent=15850"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/categories?post=15850"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/tags?post=15850"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}