A major supply-chain attack compromised 18 popular npm packages — including chalk, debug, ansi-styles, and supports-color — planting malware that secretly redirects crypto transactions.
Aikido researchers noted, “What makes it dangerous is that it operates at multiple layers: altering content shown on websites, tampering with API calls, and manipulating what users’ apps believe they are signing.”
What happened?
Beginning Sept. 8, 2025, attackers pushed new, malicious versions of 18 high-traffic libraries that collectively see roughly 2 billion downloads per week.
The payload operates in the browser, hooks web and wallet APIs, and can reroute funds or token approvals to attacker-controlled accounts, even when the on-screen UI appears normal.

How the attack works
The malicious updates hook core browser functions, such as fetch and XMLHttpRequest, as well as popular wallet interfaces (e.g., window.ethereum, Solana).
They scan responses for wallet addresses across Ethereum, Bitcoin, Solana, Tron, Litecoin, and Bitcoin Cash, then substitute “look-alike” attacker addresses. The code also tampers with Ethereum and Solana transaction parameters before signing, silently redirecting approvals and transfers.
At a technical level, the malware acts as a browser-resident interceptor. It embeds into the page context, hooks network and wallet APIs, scans content for patterns that resemble wallet addresses, and rewrites targets using string-matching to minimize visual diffs.
For Ethereum flows, it can alter the recipient ("to") address and the arguments of common token functions (approve, transfer, transferFrom), and even manipulate router interactions used by popular DEXs. For Solana, it can modify instruction accounts and recipients.
The attack complexity is low once the actor controls the maintainer account; exploitability is immediate upon installation or deployment of the tainted version.
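As an added example (not code from the article, Aikido, or any of the affected packages), the script below performs the "abnormal API hook" check that the mitigation section calls for. Engine built-ins such as fetch and XMLHttpRequest.prototype.open stringify to "[native code]", so a JavaScript wrapper installed by injected code stands out; wallet providers such as window.ethereum are plain JS objects from an extension, so those are checked by method identity against a snapshot taken as early as possible. The path names under WALLET_PATHS and the stand-in window object are assumptions for the demo.

```javascript
// Added example, not code from the article: detect monkey-patched browser and wallet APIs.
// Engine-provided built-ins stringify to "function fetch() { [native code] }"; a JavaScript
// wrapper installed by injected code (the technique the article describes) does not.

// Resolve a dotted path such as "XMLHttpRequest.prototype.open" against a root object.
function resolvePath(root, path) {
  let obj = root;
  for (const part of path.split(".")) {
    if (obj == null) return undefined;
    obj = obj[part];
  }
  return obj;
}

// Capture Function.prototype.toString once at load: it is itself a common hooking target,
// and a hooked toString could lie about every other function.
const nativeToString = Function.prototype.toString;

function isNativeFunction(fn) {
  if (typeof fn !== "function") return false;
  let source;
  try {
    source = nativeToString.call(fn);
  } catch (e) {
    return false; // exotic callables: treat as suspicious
  }
  return /\{\s*\[native code\]\s*\}\s*$/.test(source);
}

// Return the paths that resolve to a function but are not native code.
// Paths that do not resolve (e.g. no XMLHttpRequest under Node) are skipped.
function auditNativeHooks(root, paths) {
  return paths.filter((path) => {
    const fn = resolvePath(root, path);
    return typeof fn === "function" && !isNativeFunction(fn);
  });
}

// Wallet providers are ordinary JS objects injected by an extension, so the native-code
// test cannot apply. Snapshot their method identities in the first script on the page
// and compare again later (e.g. right before asking the user to sign).
function snapshotMethods(root, paths) {
  const snap = new Map();
  for (const path of paths) {
    const fn = resolvePath(root, path);
    if (typeof fn === "function") snap.set(path, fn);
  }
  return snap;
}

function changedMethods(root, snapshot) {
  const changed = [];
  for (const [path, original] of snapshot) {
    if (resolvePath(root, path) !== original) changed.push(path);
  }
  return changed;
}

// Browser built-ins the article names as hooking targets.
const BUILTIN_PATHS = ["fetch", "XMLHttpRequest.prototype.open", "XMLHttpRequest.prototype.send"];
// Wallet-provider methods (assumed names; adjust to the providers your app supports).
const WALLET_PATHS = ["ethereum.request", "solana.signTransaction"];

// Self-contained demo on a constructed stand-in for `window`, so it runs outside a browser.
function demo() {
  const fakeWindow = {
    fetch: Array.prototype.push, // any engine native stands in for the real fetch
    ethereum: { request: async () => ({}) },
  };
  const before = auditNativeHooks(fakeWindow, BUILTIN_PATHS);
  const snap = snapshotMethods(fakeWindow, WALLET_PATHS);

  // Simulate injected code wrapping fetch and the wallet provider's request().
  const realFetch = fakeWindow.fetch;
  fakeWindow.fetch = function fetch(...args) { return realFetch.apply(this, args); };
  const realRequest = fakeWindow.ethereum.request;
  fakeWindow.ethereum.request = (...args) => realRequest(...args);

  return {
    before,                                                // []
    after: auditNativeHooks(fakeWindow, BUILTIN_PATHS),     // ["fetch"]
    walletChanged: changedMethods(fakeWindow, snap),        // ["ethereum.request"]
  };
}

console.log(demo());
```

Caveat: bound functions and Proxies around a function also stringify as "[native code]", so the native-code test alone can be evaded; the identity snapshot catches those, but only if it runs before any third-party bundle does, which is why the snapshot belongs in the first script on the page.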
Attack Scope
The campaign traces back to a maintainer account compromise via phishing. A spoofed email impersonating npm support led to stolen credentials and subsequent tainted releases starting September 8.
Given the ubiquity of these utilities in both build and runtime paths, the potential blast radius is high even for organizations that do not directly depend on the top-level packages.
The affected versions include:
- ansi-regex (6.2.1)
- ansi-styles (6.2.2)
- backslash (0.2.1)
- chalk (5.6.1)
- chalk-template (1.1.1)
- color-convert (3.1.1)
- color-name (2.0.1)
- color-string (2.1.1)
- debug (4.4.2)
- error-ex (1.3.3)
- has-ansi (6.0.1)
- is-arrayish (0.3.3)
- simple-swizzle (0.2.3)
- slice-ansi (7.1.1)
- strip-ansi (7.1.1)
- supports-color (10.2.1)
- supports-hyperlinks (4.1.1)
- wrap-ansi (9.0.1)
This incident underscores a broader trend, where adversaries are increasingly phishing open-source maintainers to weaponize ubiquitous “utility” packages that sit deep in transitive dependency trees.
By targeting formatting and logging libraries that land in both server and browser contexts, attackers maximize their reach with minimal effort—turning routine updates into stealthy client-side threats.
Ways to mitigate risk
Organizations impacted by the npm supply-chain attack should act quickly to contain exposure and prevent further compromise. The following steps outline how security teams can mitigate this attack.
- Remove malicious versions, clear environments, and reinstall from audited, trusted lockfiles.
- Enforce lockfiles, exact version pinning, and reviewed PR-based dependency updates in all environments.
- Rotate tokens, revoke stale credentials, enforce 2FA/SSO, and monitor for spoofed npm domains.
- Implement checks for abnormal API hooks and monitor telemetry for suspicious wallet or address activity.
- Review logs since Sept. 8, 2025, investigate wallet flows if exposed, and remediate by notifying users, resetting sessions, and clearing caches/CDN.
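As an added example (not the article's or any project's code), the following script audits an npm lockfile against the affected versions listed above, which supports the first two mitigation steps: finding tainted versions anywhere in the transitive tree before reinstalling from a clean, pinned lockfile. It handles the "packages" map of lockfileVersion 2 and 3 and falls back to the nested "dependencies" tree of version 1; the sample lockfile at the bottom is constructed for the demo.

```javascript
// Added example, not code from the article: scan an npm package-lock.json for the
// package versions the article lists as compromised.

// Affected versions exactly as listed in the article.
const COMPROMISED = {
  "ansi-regex": ["6.2.1"],
  "ansi-styles": ["6.2.2"],
  "backslash": ["0.2.1"],
  "chalk": ["5.6.1"],
  "chalk-template": ["1.1.1"],
  "color-convert": ["3.1.1"],
  "color-name": ["2.0.1"],
  "color-string": ["2.1.1"],
  "debug": ["4.4.2"],
  "error-ex": ["1.3.3"],
  "has-ansi": ["6.0.1"],
  "is-arrayish": ["0.3.3"],
  "simple-swizzle": ["0.2.3"],
  "slice-ansi": ["7.1.1"],
  "strip-ansi": ["7.1.1"],
  "supports-color": ["10.2.1"],
  "supports-hyperlinks": ["4.1.1"],
  "wrap-ansi": ["9.0.1"],
};

// Lockfile v2/v3 keys packages by install path, e.g. "node_modules/a/node_modules/@s/b";
// the package name is everything after the last "node_modules/".
function nameFromPath(pkgPath) {
  const marker = "node_modules/";
  const i = pkgPath.lastIndexOf(marker);
  return i === -1 ? null : pkgPath.slice(i + marker.length);
}

// Returns [{ name, version, where }] for every installed copy that matches the list.
function findCompromised(lockfile, compromised = COMPROMISED) {
  const hits = [];
  const check = (name, version, where) => {
    if (name && compromised[name] && compromised[name].includes(version)) {
      hits.push({ name, version, where });
    }
  };

  if (lockfile.packages) {
    // lockfileVersion 2 or 3: flat map; "" is the root project itself.
    for (const [pkgPath, meta] of Object.entries(lockfile.packages)) {
      if (pkgPath === "") continue;
      check(nameFromPath(pkgPath), meta.version, pkgPath);
    }
  } else if (lockfile.dependencies) {
    // lockfileVersion 1: nested tree, so walk it recursively.
    const walk = (deps, prefix) => {
      for (const [name, meta] of Object.entries(deps)) {
        const where = `${prefix}node_modules/${name}`;
        check(name, meta.version, where);
        if (meta.dependencies) walk(meta.dependencies, where + "/");
      }
    };
    walk(lockfile.dependencies, "");
  }
  return hits;
}

// Constructed sample (v3 shape) mixing clean and tainted entries, including a nested copy.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "example-app", version: "1.0.0" },
    "node_modules/chalk": { version: "5.6.1" },                          // tainted
    "node_modules/debug": { version: "4.4.1" },                          // clean
    "node_modules/supports-color": { version: "10.2.1" },                // tainted
    "node_modules/some-tool/node_modules/strip-ansi": { version: "7.1.1" }, // tainted, nested
  },
};

console.log(findCompromised(SAMPLE_LOCK));
```

To run it against a real lockfile, replace SAMPLE_LOCK with JSON.parse(fs.readFileSync("package-lock.json", "utf8")). A match anywhere in the output, including nested copies under another package's node_modules, means the install should be treated as compromised and rebuilt from a clean lockfile rather than patched in place.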
Just like a zero-day, one malicious update can quietly hijack critical workflows at scale.
As attacks like this show, the real challenge isn’t just patching a single package but rethinking how you secure the entire software supply chain from end to end.