Largest Supply Chain Attack In History Targets Crypto Holders

This isn’t looking good.

Hackers are targeting crypto users while they are making transactions, resulting in some crypto holders completely losing their cryptocurrencies.

Cybersecurity experts are calling the cyberattack one of the biggest supply chain attacks in history.

🚨 BREAKING: Massive crypto supply chain attack.

Ledger CTO warns: Hardware wallet users must verify every transaction. Others should avoid on-chain activity until patched. pic.twitter.com/XfzeZYHIuJ

— Bitcoin Archive (@BTC_Archive) September 8, 2025

Crypto Slate reported more on the cyberattack:

A new cyberattack is silently targeting crypto from users during transactions amid an incident that security researchers describe as the largest supply chain attack in history.

BleepingComputer reported that hackers compromised NPM package maintainer accounts through phishing emails and injected malware that steals crypto.

The attack targeted JavaScript developers with fraudulent emails appearing to originate from “[email protected],” an impersonated domain mimicking the legitimate NPM registry.

The phishing messages warned maintainers that their accounts would be locked on Sept. 10, unless they updated their two-factor authentication credentials through a malicious link.

Attackers successfully compromised 18 widely-used JavaScript packages with collective weekly downloads exceeding 2.6 billion.

The compromised libraries include fundamental development tools such as “chalk” (300 million weekly downloads), “debug” (358 million), and “ansi-styles” (371 million), affecting virtually the entire JavaScript ecosystem.

Largest NPM supply chain attack in history. Attackers compromised 18 core JavaScript packages with 2+ billion weekly downloads after phishing a maintainer. Malware targets crypto wallets & steals credentials. Millions of developers affected worldwide https://t.co/MEU7npyjNN pic.twitter.com/kB5Ej9SWwN

— Lukasz Olejnik (@lukOlejnik) September 8, 2025

CoinDesk reported the CTO of Ledger warned crypto holders

Charles Guillemet, chief technology officer at hardware wallet maker Ledger, warned on X on Monday that a large-scale supply chain attack is underway after the compromise of a reputable developer’s Node Package Manager (NPM) account.

According to Guillemet, the malicious code — already pushed into packages with over 1 billion downloads — is designed to silently swap crypto wallet addresses in transactions. That means unsuspecting users could send funds directly to the attacker without realizing it.

Guillemet did not name the developer whose account he said was compromised.

The incident underscores how deeply interconnected open-source software is and why security lapses in developer tools can ripple into the crypto economy almost instantly.

Join the conversation!

We have no tolerance for comments containing violence, racism, profanity, vulgarity, doxing, or discourteous behavior. If a comment is spam, instead of replying to it please click the icon below and to the right of that comment. Thank you for partnering with us to maintain fruitful conversation.