Cryptonews
Three Major Crypto Attacks in 24 Hours: Fake Apps, $14.2M SOL Theft, npm Breach
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
In a span of 24 hours, three significant cryptocurrency-related attacks were reported. Fraudsters impersonated SecondFi, creating fake browser extensions and applications aimed at stealing cryptocurrency from users. SecondFi confirmed that it would never request users to download software or click links through direct messages. A separate incident involved the compromise of a Solana whale wallet, resulting in the theft of 180,900 SOL, valued at $14.2 million. The attacker exploited unusual unstaking activity before transferring the stolen assets to new Solana addresses and bridging them to Ethereum to obscure the transaction trail. Additionally, the jscrambler npm package suffered a supply chain attack, where malicious code was introduced into several versions of the package due to stolen npm publishing credentials. Developers were urged to update to version 8.22.0 to mitigate the threat.
Key Points: • Fraudsters created fake apps impersonating SecondFi to steal cryptocurrency. • A Solana whale wallet was compromised, leading to a theft of 180,900 SOL worth $14.2 million. • The jscrambler npm package was attacked, distributing malware through compromised releases.