Replying to Avatar BitKOKP

🚨BREAKING:

#Ledger CTO Charles Guillemet warns of a supply chain #attack in the #JavaScript ecosystem after an #NPM account compromise.

He advises users to carefully verify every transaction if using a #hardware #wallet, and to avoid on-chain transactions entirely if they don’t.

Stay safe.

🚨 ÚLTIMA HORA

El CTO de #Ledger, Charles Guillemet, advierte sobre un #ataque en curso: se comprometió la cuenta de un desarrollador en #NPM, la mayor biblioteca de paquetes de #JavaScript usada por casi todo el ecosistema.

NPM es la base sobre la que se construyen miles de apps y servicios, incluidas muchas wallets. El exploit inserta código malicioso que cambia direcciones de envío de criptomonedas, lo que podría afectar directamente a los usuarios.

Si usas #hardware #wallets, revisa cada transacción antes de firmar. Si usas software wallets, evita de momento realizar operaciones on-chain hasta nueva información.

#bitcoin #breaking #ultimahora
Avatar
BitKOKP 3mo ago

How You Lose Your Funds

The malware uses two sophisticated methods:

- Clipboard Hijacking: When you paste a wallet address, it stealthily swaps it with an attacker's address that is visually similar to the real one, making it extremely hard to spot the difference.

- Transaction Interception: It directly hooks into your wallet's functions. When you go to sign a transaction, it changes the recipient's address in the background before the confirmation prompt even appears.

How to Protect Yourself

- This malware targets BTC, ETH, SOL, TRX, LTC, and BCH.

- Your final confirmation screen is your last line of defense.

- You must meticulously verify every single character of the recipient address in your wallet app or on your hardware wallet screen before approving any transaction.

Reply to this note

Please Login to reply.

Discussion

No replies yet.