all InfoSec news
NPM Account Takeover Results in Crypto Supply Chain Attack
Malware Analysis, News and Indicators - Latest topics malware.news
In an alarming development for the cryptocurrency community, the Ledger Connect Kit, has fallen victim to a sophisticated supply chain attack, resulting in the redirection of users’ crypto transactions to a wallet controlled by the attacker. The Ledger Connect Kit is a vital component in the decentralized application ecosystem owned by Ledger – a company that manages billions of dollars.
Key Findings
NPM Account Takeover: Ledger Connect-Kit was compromised due to npmjs account takeover of a former Ledger employee.
Affected …
account account takeover application attack attacker community connect crypto cryptocurrency decentralized development ecosystem kit ledger npm redirection results supply supply chain supply chain attack takeover transactions victim wallet