
Critical npm Supply Chain Attack

September 9, 2025


THE THREAT

On September 8, 2025, a large-scale supply chain attack was confirmed, affecting at least 25 widely used npm packages that are collectively downloaded over two billion times per week. High-profile maintainers were targeted with phishing emails that allowed the attackers to steal their credentials and publish malicious versions of a series of packages to npm. The trojanized versions contain a browser-based interceptor that monitors cryptocurrency wallet and web3 activity: it recognizes cryptocurrency transaction formats, alters wallet operations, and redirects payments and approvals to attacker-controlled wallets. Because the interceptor hooks general web traffic as well as wallet calls, it also exposes a broad range of credentials and personal information passing through the browser.

Although the malicious package versions have been removed from npm, the threat remains significant: the campaign is still active and additional maintainers are likely to be targeted. Organizations are advised to raise employee awareness of the phishing activity and to block downloads of the compromised package versions.

What we're doing about it

What you should do about it

Additional information

On September 8, 2025, the npm maintainer qix fell victim to a phishing email disguised as an npm support message from support@npmjs[.]help. The email claimed the maintainer's account would be locked unless Two-Factor Authentication (2FA) was updated, and its link led to an Adversary-in-the-Middle (AiTM) page that harvested both the credentials and the 2FA token. Using this access, the attackers published malicious versions of numerous high-profile npm packages that collectively register over two billion downloads per week.

According to Aikido.dev, the malicious code injects itself into the browser environment at runtime. Once injected, it hooks core browser functions such as fetch and XMLHttpRequest, as well as wallet-specific APIs including window.ethereum for Ethereum and the Solana-related interfaces. This lets the malware intercept both general web traffic and cryptocurrency wallet operations. It continuously scans network responses and transaction payloads for sensitive data, particularly cryptocurrency wallet addresses and transfer details, and recognizes address formats across multiple popular blockchains, including Ethereum, Bitcoin, Solana, Tron, Litecoin, and Bitcoin Cash.

After identifying a target transaction, the malware rewrites the destination, replacing the legitimate recipient with an attacker-controlled address. To make the substitution less obvious, it chooses a "lookalike" address that closely resembles the original. Transactions are hijacked before they are signed: parameters such as Ethereum or Solana recipients, approvals, and allowances are altered in the request handed to the wallet. Even when the user interface displays the correct transaction details, the transaction that is actually signed routes funds to the attacker's wallet.
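A first-line check for the kind of API hooking described above, added here as an example (it is not code from the advisory, from Aikido's analysis, or from the malware itself). It assumes the injected wrapper is an ordinary JavaScript function assigned over the original, as a `window.fetch = function (...) { ... }` style patch is; `isNativeFunction`, `HOOK_TARGETS`, `auditHooks` and `demoPatchedFetch` are names chosen for this example. Paste it into the browser console of a suspect page, or run it under Node 18+ to see the demonstration.

```javascript
// Added example: does a hook point still hold the engine's built-in function?
// A wrapper installed by injected script is ordinary JavaScript, so the engine
// prints its source; only built-ins print "{ [native code] }". The check goes
// through Function.prototype.toString directly so that a toString method
// planted on the wrapper object itself is ignored.
function isNativeFunction(fn) {
  if (typeof fn !== "function") return false;
  const src = Function.prototype.toString.call(fn);
  return /\{\s*\[native code\]\s*\}\s*$/.test(src);
}

// Browser hook points named in the analysis above. Each is resolved lazily
// because not every runtime has them (XMLHttpRequest is browser-only; Node 18+
// exposes globalThis.fetch). window.ethereum.request is deliberately not
// listed: wallet extensions inject that provider as JavaScript, so it never
// reads as native and this heuristic cannot judge it.
const HOOK_TARGETS = [
  ["fetch", () => globalThis.fetch],
  ["XMLHttpRequest.prototype.open", () => globalThis.XMLHttpRequest?.prototype.open],
  ["XMLHttpRequest.prototype.send", () => globalThis.XMLHttpRequest?.prototype.send],
];

// Returns { "<target>": "native" | "patched" | "absent" } for each hook point.
function auditHooks(targets = HOOK_TARGETS) {
  const report = {};
  for (const [name, resolve] of targets) {
    const fn = resolve();
    report[name] = fn === undefined ? "absent"
                 : isNativeFunction(fn) ? "native"
                 : "patched";
  }
  return report;
}

// Demonstration only: install a pass-through wrapper in the shape the advisory
// describes (the real interceptor inspects and rewrites the call instead of just
// forwarding it), audit, then restore whatever was there before.
function demoPatchedFetch() {
  const original = globalThis.fetch;
  globalThis.fetch = function (...args) { return original.apply(this, args); };
  try {
    return auditHooks()["fetch"];   // "patched"
  } finally {
    globalThis.fetch = original;
  }
}

console.log(auditHooks());
```

Read a "patched" result as a lead, not a verdict: legitimate extensions and polyfills wrap fetch too, and under Node the fetch row reads "patched" even on a clean install because Node's own fetch is a JavaScript wrapper around undici. The heuristic is also blind to wrappers built with Function.prototype.bind or Proxy, which print as native, and to a tampered Function.prototype.toString; a stronger baseline is to compare each function against the copy obtained from a freshly created iframe.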

The affected packages and versions are listed in Table 1. According to security firm Socket, the campaign that compromised the maintainer qix has also extended to another high-profile maintainer, duckdb_admin; the affected versions are listed in Table 2.

Security teams should immediately audit their dependencies and lockfiles to confirm whether any of the malicious package versions are present. Where they are, roll back to a known-good version, rebuild and redeploy any front-end bundles built from the affected code, and monitor for evidence of cryptocurrency wallet redirection.

Table 1. Compromised npm packages

Package                 Version
backslash               0.2.1
chalk-template          1.1.1
supports-hyperlinks     4.1.1
has-ansi                6.0.1
simple-swizzle          0.2.3
color-string            2.1.1
error-ex                1.3.3
color-name              2.0.1
is-arrayish             0.3.3
slice-ansi              7.1.1
color-convert           3.1.1
wrap-ansi               9.0.1
ansi-regex              6.2.1
supports-color          10.2.1
strip-ansi              7.1.1
chalk                   5.6.1
debug                   4.4.2
ansi-styles             6.2.2

Table 2. DuckDB-related packages

Package                 Version
@coveops/abi            2.0.1
@duckdb/duckdb-wasm     1.29.2
@duckdb/node-api        1.3.3
@duckdb/node-bindings   1.3.3
duckdb                  1.3.3
prebid                  10.9.1
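One way to run the dependency audit recommended above against an npm lockfile, added here as an example (it is not tooling from the advisory or from the vendors cited). The version list is taken from Tables 1 and 2; the script reads package-lock.json (lockfileVersion 2 or 3, which carry a flat "packages" map keyed by install path, or the nested "dependencies" tree of v1). `COMPROMISED`, `nameFromPath`, `findCompromised` and `SAMPLE_LOCK` are names chosen for this example, and the sample lockfile is constructed, not taken from a real project.

```javascript
// Added example: flag the compromised package versions from Tables 1 and 2
// in an npm lockfile.
// Usage: node audit-lock.js path/to/package-lock.json   (exit code 1 on a hit)
// With no argument it audits the constructed SAMPLE_LOCK below.

const COMPROMISED = {
  backslash: ["0.2.1"],
  "chalk-template": ["1.1.1"],
  "supports-hyperlinks": ["4.1.1"],
  "has-ansi": ["6.0.1"],
  "simple-swizzle": ["0.2.3"],
  "color-string": ["2.1.1"],
  "error-ex": ["1.3.3"],
  "color-name": ["2.0.1"],
  "is-arrayish": ["0.3.3"],
  "slice-ansi": ["7.1.1"],
  "color-convert": ["3.1.1"],
  "wrap-ansi": ["9.0.1"],
  "ansi-regex": ["6.2.1"],
  "supports-color": ["10.2.1"],
  "strip-ansi": ["7.1.1"],
  chalk: ["5.6.1"],
  debug: ["4.4.2"],
  "ansi-styles": ["6.2.2"],
  "@coveops/abi": ["2.0.1"],
  "@duckdb/duckdb-wasm": ["1.29.2"],
  "@duckdb/node-api": ["1.3.3"],
  "@duckdb/node-bindings": ["1.3.3"],
  duckdb: ["1.3.3"],
  prebid: ["10.9.1"],
};

// Package name from a lockfile install path. Nested installs and scoped names
// are handled by taking everything after the last "node_modules/".
function nameFromPath(installPath) {
  const marker = "node_modules/";
  const i = installPath.lastIndexOf(marker);
  return i === -1 ? installPath : installPath.slice(i + marker.length);
}

// Returns [{ name, version, where }] for every installed copy that matches.
// lockfileVersion 2/3: flat "packages" map (v2 also keeps a legacy
// "dependencies" tree, skipped here to avoid double counting).
// lockfileVersion 1: only the nested "dependencies" tree, walked recursively.
function findCompromised(lock, bad = COMPROMISED) {
  const hits = [];
  const check = (name, version, where) => {
    if ((bad[name] || []).includes(version)) hits.push({ name, version, where });
  };
  if (lock.packages) {
    for (const [installPath, meta] of Object.entries(lock.packages)) {
      if (installPath === "") continue;            // the root project itself
      check(nameFromPath(installPath), meta.version, installPath);
    }
    return hits;
  }
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const where = `${prefix}node_modules/${name}`;
      check(name, meta.version, where);
      walk(meta.dependencies, `${where}/`);
    }
  };
  walk(lock.dependencies, "");
  return hits;
}

// Constructed sample: one compromised direct dependency, one compromised scoped
// package, and clean versions of other affected packages (including a nested one).
const SAMPLE_LOCK = {
  name: "example-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "example-app", version: "1.0.0" },
    "node_modules/chalk": { version: "5.6.1" },
    "node_modules/debug": { version: "4.4.1" },
    "node_modules/ansi-regex": { version: "6.1.0" },
    "node_modules/@duckdb/node-api": { version: "1.3.3" },
    "node_modules/duckdb/node_modules/@duckdb/node-bindings": { version: "1.3.2" },
  },
};

if (typeof require === "function" && typeof module !== "undefined" && require.main === module) {
  const path = process.argv[2];
  const lock = path ? JSON.parse(require("fs").readFileSync(path, "utf8")) : SAMPLE_LOCK;
  const hits = findCompromised(lock);
  for (const h of hits) console.log(`COMPROMISED ${h.name}@${h.version} at ${h.where}`);
  if (hits.length === 0) console.log("no compromised versions found");
  if (path) process.exitCode = hits.length ? 1 : 0;
}
```

The lockfile, not package.json, is what to check: a caret range such as ^5.6.0 in package.json says nothing about which version was actually resolved and installed. Yarn and pnpm lockfiles use different layouts and are not covered by this script, and a clean lockfile does not clear artifacts that were already built and deployed while a compromised version was resolved.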

References:

[1] https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised
[2] https://socket.dev/blog/duckdb-npm-account-compromised-in-continuing-supply-chain-attack
[3] https://github.com/Cyb3r-Monk/Threat-Hunting-and-Detection/blob/main/Uncategorized/NPM%20debug%20and%20chalk%20compromise%2009-2025.md#description
[4] https://www.linkedin.com/posts/kostastsale_hackers-hijack-npm-packages-with-2-billion-activity-7370922481530036224-NG_l
