Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages

Unknown threat actors compromised the Injective Labs SDK project’s GitHub repository and leveraged it to publish a malicious package on the npm registry to steal cryptocurrency wallet private keys and mnemonic seed phrases.

The compromised version, @injectivelabs/sdk-ts@1.20.21, came embedded with fake telemetry functionality that exfiltrated data from cryptocurrency wallets. The version was

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Six New U-Boot Flaws Could Let Malicious Images Crash Devices or Run Code at Boot

Next Post

URGENT – Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat

Related Posts
Total
0
Share