Hackers used npm packages to steal Solana’s private keys through Gmail, bypassing traditional security measures.

20 January 2025 1 minute Author: Newsman

Attackers distributed malicious npm packages such as @async-mutex/mutex, dexscreener, solana-transaction-toolkit, and solana-stable-web-huks.

These packages used typosquatting techniques, masquerading as legitimate tools. Malicious scripts intercepted private keys during interactions with Solana cryptowallets and transmitted them through Gmail’s SMTP servers, making them difficult to detect. Some packages also programmatically drained wallets, transferring up to 98% of funds to addresses controlled by hackers. In total, these packages were downloaded more than 130 times, creating risks for developers and their work environments.

Cybercriminals are increasingly using trusted platforms such as npm and GitHub to distribute malicious code. In 2024, the number of such packages on open dependency managers increased by 1300% compared to 2020. Analysts warn that using artificial intelligence to generate descriptions of malicious packages can make them even more convincing to users.

This situation highlights the need for increased security measures when installing dependencies, especially with low downloads. Developers are encouraged to perform regular package checks, use tools like Socket, and ensure strict access control to sensitive information, including cryptowallets.

Other related articles
News
Read more
Massive data breach in China
The data breach affected companies including Weibo, JiDi, JD.com, banks and medical institutions. In total, 1.5 billion records were leaked, including full names, addresses, phone numbers, medical and financial data, and traffic information.
56
News
Read more
The FTC fined GM for data violations
Protecting driver data has become a priority: The US Federal Trade Commission has ordered General Motors to stop selling customer location data and strengthened requirements for transparency and user consent.
52
Found an error?
If you find an error, take a screenshot and send it to the bot.