BTC $62,197.55 -3.12%
ETH $1,772.48 -2.66%
BNB $565.55 -2.37%
XRP $1.06 -2.98%
SOL $75.06 -3.32%
TRX $0.3256 -1.78%
DOGE $0.0717 -2.52%
ADA $0.1579 -3.83%
BCH $235.84 -4.37%
LINK $7.90 -2.16%
HYPE $63.62 -6.70%
AAVE $94.75 -3.79%
SUI $0.7205 -2.80%
XLM $0.1822 -3.95%
ZEC $503.75 -6.47%
BTC $62,197.55 -3.12%
ETH $1,772.48 -2.66%
BNB $565.55 -2.37%
XRP $1.06 -2.98%
SOL $75.06 -3.32%
TRX $0.3256 -1.78%
DOGE $0.0717 -2.52%
ADA $0.1579 -3.83%
BCH $235.84 -4.37%
LINK $7.90 -2.16%
HYPE $63.62 -6.70%
AAVE $94.75 -3.79%
SUI $0.7205 -2.80%
XLM $0.1822 -3.95%
ZEC $503.75 -6.47%

Socket 安全团队发现恶意 npm 包,攻击者试图窃取钱包余额 85% 的资产

2025-06-03 10:18:07
收藏

ChainCatcher 消息,Socket 安全研究团队发现四个恶意 npm 包,针对币安智能链(BSC)和以太坊(Ethereum)用户的钱包实施攻击。这些包分别为 pancake_uniswap_validators_utils_snipe(350 次下载)、pancakeswap-oracle-prediction(445 次下载)、ethereum-smart-contract(305 次下载)和 env-process(1,054 次下载),累计下载量已超过 2,100 次。

攻击者通过混淆的 JavaScript 代码计算目标钱包余额的百分比,并尝试将高达 85% 的资产转移至其控制的钱包地址。

app_icon
ChainCatcher 与创新者共建Web3世界