BTC $63,309.07 -1.98%
ETH $1,845.05 -3.73%
BNB $570.64 -1.73%
XRP $1.08 -2.10%
SOL $74.86 -2.49%
TRX $0.3214 -0.75%
DOGE $0.0720 -2.47%
ADA $0.1596 -3.09%
BCH $222.72 +0.40%
LINK $8.25 -3.24%
HYPE $59.86 -9.66%
AAVE $90.66 -5.73%
SUI $0.7395 -2.32%
XLM $0.1838 -1.69%
ZEC $536.04 -5.15%
BTC $63,309.07 -1.98%
ETH $1,845.05 -3.73%
BNB $570.64 -1.73%
XRP $1.08 -2.10%
SOL $74.86 -2.49%
TRX $0.3214 -0.75%
DOGE $0.0720 -2.47%
ADA $0.1596 -3.09%
BCH $222.72 +0.40%
LINK $8.25 -3.24%
HYPE $59.86 -9.66%
AAVE $90.66 -5.73%
SUI $0.7395 -2.32%
XLM $0.1838 -1.69%
ZEC $536.04 -5.15%

Socket 安全团队发现恶意 npm 包,攻击者试图窃取钱包余额 85% 的资产

2025-06-03 10:18:07
收藏

ChainCatcher 消息,Socket 安全研究团队发现四个恶意 npm 包,针对币安智能链(BSC)和以太坊(Ethereum)用户的钱包实施攻击。这些包分别为 pancake_uniswap_validators_utils_snipe(350 次下载)、pancakeswap-oracle-prediction(445 次下载)、ethereum-smart-contract(305 次下载)和 env-process(1,054 次下载),累计下载量已超过 2,100 次。

攻击者通过混淆的 JavaScript 代码计算目标钱包余额的百分比,并尝试将高达 85% 的资产转移至其控制的钱包地址。

app_icon
ChainCatcher 与创新者共建Web3世界