Massive exploit on Ledger's NPM account: every app on every chain is at risk, don't sign anything
>>60913948
Crypto is done..
>>60913948
>stealing seeds
not possible, which makes me doubt this person's testimony entirely
>>60913948
It's not Ledger's account and it goes way beyond that. DO NOT MAKE ANY TRANSACTIONS until this shit gets fixed
>>60913985
Are you stupid? That's the CTO at Ledger
AHAHAHAHAHHAAagain these little smelly incels with their metamask / ethereum contracts getting scammed like they deservei have a ledger nano s and a coinbase account and.... OH SURPRISE, MY 4 BTC are still with me completely safeget fucked ethereumfags and metamask faggots and google chrome add-ons seed phrase idiots
>>60914009
then he's a moron. when pavinder codes his shitty web app, he calls a function in the npm package. the npm package cannot magically access app storage and retrieve your seed, it can only pass incorrect data back to the function call.
MUH NPM ACCOUNT HAS BEEN HACKEDAHAHAHAHAAHAHHAHAHAHAHWTF IS A NPM ACCOUNT?LEDGER NANO S = SAFUCOINBASE PRO = SAFUGET REKT SHITCOINERS
>>60914013
Bitcoin and Bitcoin Cash are also affected. If you make transactions with your hw wallet triple check the recipient address character by character. The malware will change that address to something that looks very similar to the address you're sending to. In a browser window it will make this change in the background in a way the user won't see a thing. Do not trust any address that's on a webpage, only trust addresses that are shown in the screen of your hardware wallet. Best not to make any transactions.
>>60914030ledger company is full of morons, it's a french company - all smart french people already live abroad since 2016 only niggers and turbo leftists are left in france, average IQ 95 at best
>>60914046i don't have any transaction to do right nowi just wanted to say that you are all a bunch of faggots and ledger is a company of niggers
>>60914030
I'm talking about dismissing the entire story bc of the seed phrase part
it's getting reported all over and SwissBorg might've already gotten $40m drained
>>60914046
does this affect Trezor transactions in the desktop app?
Fuck this shit, I'm done, I'm buying a Trezor today.
>>60914065AHAHAHAHAHA FUCKING FAGGOTit's about ledgers not Ledger (tm)KYS IMBECILE
Seems bullish for XRP
>>60913948
Has absolutely nothing to do with Ledger
>>60914062
forgive me if I'm unforgiving of some retard extending his own security failure to throw shade at software wallets that are his direct competitor
>>60914062ahahahahah solniggers getting fucked in the asssurprisingmy bitcoin is safu
>>60914063
It affects everything that uses some of the most popular JavaScript packages. So yes.
>>60914087fuck javascript then, nigger
>>60913985Israel steals seed from its deceased soldiers, probably some Kabbalistic shenanigans going on.
niggerniggerniggerledgerniggerniggersee, no difference
>>60913985
entirely possible from a ledger device
if you are using ledger today you are retarded
>>60913948
my funds are SAFU on Binance
>>60913948
I've been buying ETH and ARB on chain for weeks in a hot wallet on my phone. Everything is still there.
Checking the first eth address in the substack article that is supposedly the attacker's address shows only one transaction for ETH (0.00001) and one for "gondola" tokens... Where are all the stolen funds? Nothing happening here.
>>60914227yeah it's a nothingburgerthe nigger's address is 0xFc4a...c166976 for any anons reading
>>60913985
Dude ledger literally has seed backups on their server for your "convenience"
Anyone using ledger is a fucking moron
>>60914037
Coinbase's website uses npm packages, like literally any other modern webpage, so no
>>60913948
Crypto was a mistake. Decentralization and lack of central authority gives criminals too much power. Satoshi solved one problem but created a bunch of new ones.
>>60914227
the attack would generate an address for each transaction that's visually similar to the actual destination
i think it's impossible to tell how much was stolen currently
>>60914232
Checked the first 10 eth addresses in the list... all empty. I wasn't going to do any transactions today anyway. So I'll wait until it comes out that this was all bullshit.
>>60914246Satoshi is literally CIA you stupid fuck
>>60914248
Then what is this list they are publishing? Were these generated for specific targets? If so, why didn't they succeed in stealing anything?
>>60913948
>>60914046
Bitcoin is safe. This is for those using shitty browser based apps or clients calling javascript. Adults need not worry.
>>60914272
Out of all of the Satoshi hypotheses, this one is by far the dumbest.
>bro, you don't understand, "Satoshi Nakamoto" means "wise central origin"!
Eat a brick dummy.
>>60913948
explain this to me like I'm retarded
>>60914051France really is so incredibly sad. A once beautiful country, destroyed by them
>>60914296
>Adults need not worry.
With this mindset you'll lose your crypto one day. Sure, if you're 100% certain your wallet doesn't use these packages it's safe. Even if it does use them it's unlikely there was an update pushed during the few hours when the packages were hacked. It's better to be paranoid.
Bump
>>60914336
npm is like a library with pieces of code that web developers use so they don't have to rewrite stuff all the time. most websites you visit are probably using a bunch of npm packages. someone pushed an update to some popular npm packages that makes it so when you send a transaction the address that is shown on the computer screen is not the same that the crypto is actually sent to. this has nothing to do with ledger specifically i think, any hardware wallet or software wallet could be vulnerable. to be safe, don't send anything right now, even if the chance of something happening to you is very low i think.
Piece Of Shit
>>60913948
So just don't do anything, nice. I like when the answer to a problem is just be lazy.
https://updraft.cyfrin.io/courses/web3-wallet-security-basics
will plug cyfrin's course on learning to sign transactions so you know what you're signing and spotting maliciously spoofed transactions to sign.
writeup on what actually happened
>https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised
tl;dr a package that other packages use was compromised and it can rewrite destination addresses for Ethereum and Solana spends.
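Added example, not from any poster in this thread and not from the aikido writeup: the first thing a team has to answer after a post like the one above is "do we have the affected package installed anywhere, including as a dependency of a dependency?". The script below walks a lockfileVersion 2/3 `package-lock.json` and lists every installed copy of the packages on a watchlist, nested copies included, then matches them against the advisory's version list. The lockfile contents and the flagged version (`9.9.9-PLACEHOLDER`) are constructed for the demo; the thread names `debug` and `chalk` but gives no versions, so take those from the advisory you are acting on.

```javascript
// Lockfile triage for a package-compromise advisory (added example, not
// project code). Works on lockfileVersion 2/3 "packages" maps, whose keys are
// install paths such as "node_modules/chalk" or
// "node_modules/some-tool/node_modules/debug". lockfileVersion 1 files use a
// nested "dependencies" tree and are not handled here.

// Return every installed copy of a watchlisted package, wherever it sits.
function findInstalled(lock, watchlist) {
  const want = new Set(watchlist);
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === '') continue; // root project entry, not a dependency
    // Package name is whatever follows the last "node_modules/" segment;
    // scoped packages keep their "@scope/" prefix.
    const marker = 'node_modules/';
    const name = path.slice(path.lastIndexOf(marker) + marker.length);
    if (want.has(name)) {
      hits.push({ name, version: meta.version, path, dev: Boolean(meta.dev) });
    }
  }
  return hits;
}

// Exact-version match against the advisory's list, per package name.
function flagVersions(hits, flagged) {
  return hits.filter((h) => (flagged[h.name] || []).includes(h.version));
}

// Constructed lockfile fragment for the demo; all versions are made up.
// Note the second copy of "debug" nested under "some-tool": a look at the
// top-level dependency list alone would never show it.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/chalk': { version: '4.1.2' },
    'node_modules/debug': { version: '4.3.4' },
    'node_modules/some-tool': { version: '2.0.0' },
    'node_modules/some-tool/node_modules/debug': { version: '9.9.9-PLACEHOLDER', dev: true },
    'node_modules/express': { version: '4.19.2' },
  },
};

// PLACEHOLDER: the thread does not list the compromised versions. Replace
// these with the versions named in the advisory.
const FLAGGED = { debug: ['9.9.9-PLACEHOLDER'], chalk: [] };

// Full triage: which copies are installed, and which of them are flagged.
function triage(lock = SAMPLE_LOCK, flagged = FLAGGED) {
  const installed = findInstalled(lock, Object.keys(flagged));
  return { installed, flagged: flagVersions(installed, flagged) };
}

// Usage against a real lockfile: node triage.js ./package-lock.json
if (typeof require !== 'undefined' && require.main === module) {
  const fs = require('fs');
  const lock = process.argv[2]
    ? JSON.parse(fs.readFileSync(process.argv[2], 'utf8'))
    : SAMPLE_LOCK;
  const result = triage(lock);
  for (const h of result.installed) {
    console.log(`${h.path}@${h.version}${h.dev ? ' (dev)' : ''}`);
  }
  console.log(result.flagged.length
    ? `FLAGGED: ${result.flagged.map((h) => h.path).join(', ')}`
    : 'no flagged versions installed');
}
```

A dev-only copy still matters: it runs on developer machines and in CI, which is exactly where the compromised builds in this incident were first noticed. The match is exact-version only, so a range like "everything published in a given window" has to be expanded into a version list first.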
>>60914119Youre literally shitting up this thread. Take your fucking meds, Rakash, so I can read. Ffs
>>60913948Back when software was made by white people, each software had to manage its own library versions and build system. Makefiles were pretty much the standard, and they were straight up awful. CMake made things a bit easier, but build systems were generally brittle and all over the place.Then came along Python, perhaps the worst language ever made. Billions of brown people all over the world marveled at the ingenuity of typing pip install solution and then 'import solution'. No thoughts required. Ironically, it probably made building actual software even MORE complicated as in many instances compilation was required to build dependencies, or dependencies of dependencies... or dependencies of dependencies of dependencies. The alternative was to rely on pre-packaged wheels for very specific versions of certain drivers and sub-dependencies- and you can't use multiple versions of a dependency at the same time. If there are version conflicts between dependencies you are pretty much fucked. Instead of having one build system to maintain, you now had many CMake, Makefile etc. build systems being run by the Python build system to build the exponentially growing dependencies that run your shitty unmaintainable Python scripts. I am not exaggerating when I say Python may have set machine learning back at least a decade.Then came along NPM. Or maybe NPM came first, it doesn't matter. NPM had a library for checking if a number is even. It has over a million downloads; even worse, it also has a library for checking if a number is odd... which also has over a million downloads. It has the exact same problems as PyPi (Python package manager).Then it was pretty much a requirement for language toolchains to have some kind of package system, most of which suck The Rust toolchain is pretty good, but that's only because the ecosystem insists on having a 'pure Rust' version for pretty much everything.
>>60914055
I put my shitcoins in your mom's wallet last night, if you can catch my drift?
>>60913948
Fake scam to sideline retail one last time before they flip the switch
>>60914009
Alright, fuck. He's compromised and is rugging all ledger wallets before the SWIFT go live. Need a Trezor now
He definitely compromised this shit and all seeds were probably pre-generated by him
>>60913948
This sounds like a job for Chainlink (LINK)
>>60914778
You'd better not use them right now tho lol
>>60913948you have to be a stupid fucking gorilla nigger to be using ledger after the first mass ledger hack. How many times has ledger been hacked now? 7??? 8???Trezor has been 'hacked' a grand total of 0 times. There were maybe a handful of CVEs within the span of a decade, with only about 3-4 being 'critical'. None of the CVEs were exploited in the wild.use nigger software, catch nigger stds
@grok yo chat is this real?
>>60914233
>entire XRP schizo cult ruint
>>60913985
If your shit software wallet is coded with JS and at any point people have to input their seeds to transfer wallets then yes it can suck it out.
What's so unbelievable in this?
>>60914046
Another crypto "hack" that is avoided by simply doing regular due diligence.
I typically check 6 characters front and back on the destination address anyway. Maybe I'll do 8 from here on out.
>>60913948
Until this gets fixed: DO NOT, I repeat, DO NOT MAKE ANY TRANSACTIONS. VERY DANGEROUS.
We received word that this is NOT CONTAINED.
>>60914296
>Adults need not worry
But normies do. That's exactly whose panic is going to be the loudest.
>>60914755ok grandpa so now we out here codin and re-codin yalls old broke down shit, vibe codin and jus plain ol codin plus we got AIIIIIIIIIIII to do it fo us so jus hang up the frizz an git gud yall sum old niggers up in here
>>60915030
it doesn't work that way. the npm package is loaded into the browser window when the user accesses a dapp, it's not part of the wallet software. it cannot access extension storage where the encrypted seed is, and it can't modify the wallet. dapps work by encoding transaction requests and giving the calldata to the wallet for signing. this malicious package modifies the calldata and sends this to the wallet. so if you bother to check the transaction details, you will see the attacker's address as the recipient instead of the smart contract you're trying to interact with.
>noooooo don't just use a generic android tablet you gotta get a heckin hardware walleterino!
>>60914818
Retard this has nothing to do with ledger, in fact ledger is pretty safe
>>60915050
>I typically check 6 characters front and back on the destination address anyway. Maybe I'll do 8 from here on out.
kek people spoof addresses with the first x and last y of the address all the time you fucking retard.
That's one of the big ways to get scammed
Stop being lazy and check the entire fucking address like you should have been doing.
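Added example, written for this thread rather than taken from any poster or wallet project: it puts numbers behind the two posts above (check a few characters front and back vs. check the whole address) and behind the earlier explanation that the dapp hands the wallet a transaction request whose `to` field is what actually gets signed. Both addresses are constructed for the demo; the look-alike keeps the first six and last six hex characters of the intended one and differs only in the middle. The `verifyRequest` helper and the shape of `req` (an `eth_sendTransaction`-style params object with `to`, `value`, `data`) are assumptions for illustration.

```javascript
// Destination-address verification (added example, not wallet code).
// Ethereum-style addresses: "0x" + 40 hex characters. Hex is case-insensitive
// and EIP-55 checksum casing varies between UIs, so comparison is done on the
// lowercased form; the EIP-55 checksum itself is not verified here.
const ADDR_RE = /^0x[0-9a-fA-F]{40}$/;

function normalizeAddress(addr) {
  const a = String(addr).trim();
  if (!ADDR_RE.test(a)) throw new Error(`not a 20-byte hex address: ${addr}`);
  return a.toLowerCase();
}

// The check people do by eye: first n and last n hex characters only.
function prefixSuffixMatch(expected, shown, n = 6) {
  const e = normalizeAddress(expected).slice(2);
  const s = normalizeAddress(shown).slice(2);
  return e.slice(0, n) === s.slice(0, n) && e.slice(-n) === s.slice(-n);
}

// The check that should be done: every character, after normalization.
function sameAddress(expected, shown) {
  return normalizeAddress(expected) === normalizeAddress(shown);
}

// Wallet-side gate before signing: the request's `to` must be the recipient
// or contract the user actually intended, regardless of what the page showed.
function verifyRequest(req, intendedTo) {
  if (!req || typeof req.to !== 'string') {
    return { ok: false, reason: 'request has no recipient' };
  }
  if (!sameAddress(intendedTo, req.to)) {
    return {
      ok: false,
      reason: `recipient mismatch: expected ${normalizeAddress(intendedTo)}, got ${normalizeAddress(req.to)}`,
    };
  }
  return { ok: true, reason: 'recipient matches' };
}

// Constructed demo addresses (not real accounts).
const INTENDED = '0xa1b2c3d4e5f60718293a4b5c6d7e8f9001122334';
// Same first six and last six hex chars, 28 zeros in between.
const LOOKALIKE = '0x' + 'a1b2c3' + '0'.repeat(28) + '122334';

function demo() {
  return {
    // A 6-front/6-back glance accepts the look-alike.
    weakCheckPasses: prefixSuffixMatch(INTENDED, LOOKALIKE, 6),
    // A full comparison rejects it.
    fullCheckPasses: sameAddress(INTENDED, LOOKALIKE),
    // Different checksum casing of the same address still compares equal.
    caseInsensitive: sameAddress(INTENDED, '0x' + INTENDED.slice(2).toUpperCase()),
    // A request whose `to` was swapped to the look-alike is refused.
    swappedRequest: verifyRequest({ to: LOOKALIKE, value: '0x0', data: '0x' }, INTENDED),
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(demo());
}
```

Widening the glance from 6 to 8 characters only moves the bar: an address generated to share 8 on each end costs the attacker more compute, not a different technique. The comparison that actually closes the gap is the full string, compared against an address you obtained out of band (the hardware wallet screen, a saved contact), not against what the page rendered.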
>>60914776>get molested by father>feels bad>"heh time to make someone feel my misery"thanks bub
>>60913985
>>60914143
>>60914233
>>60915030
Even if seeds get stolen, can they even do shit about it if you use a passphrase?
>>60913948
>Load ze ledger exploit FUD
>>60915301
are you fucking retarded
>>60914755
>pip install
I've had to do that so many times just to scrape some porn on kemmo su
>>60914818
The hack affects all wallets on all chains
>>60915336
Explain why I am retarded if you're just going to blanket insult me.
>>60915301
Post your seed and let's test it out.
>>60915336
Fuck me did not expect to get a good laugh from this thread
>>60915376sneedfeedcuckbaggybasedjakniggercockkikestroondilateseethecope
>>60915362
>>60915404
Stop posting, start researching and lurk for a few months.
>>60915301
if an attacker has root access to your machine, you're right that they can only see the encrypted seed and password hash, so you have some slim protection. but in that scenario, chances are very good that you will unknowingly enter your password before you realize you've been compromised. it's a good protection against the wallet itself getting compromised, since an attacker cannot just immediately steal the seed after altering the software, they still need you to enter the password. keep in mind that they can still crack your password using the hash, if it is weak
>>60915427
Makes sense, thanks for the first non-sperg answer.
>>60913948
>>60914555
Do you/does anyone know when the exploit started? I sent a large transaction on Friday to a new cold wallet, now I'm feeling paranoid...
>>60915301
the passphrase has nothing to do with the seed, it's for maintaining security on a device you've already loaded your seed into
once they have your seed or your pkey (for a specific address), it's over
>>60913948
>the future of finance
gee, wonder why broke retail won't pour their last $50 into the market anymore
>>60915456
it started today. furthermore it's a compromise of web based frontends. so for instance if you open up metamask extension and send something to another wallet it's fine. but if you go to the uniswap website and try to swap, there's potential for the tx to be replaced.
so far it seems like a nothingburger, haven't seen a single report of people losing money to this particular attack yet
>>60915473
What about Ledger Live?
>>60915473
Total amount lost is in low three digits. Most of those are probably just donations to the hacker out of pity. I don't think there were any big updates where the affected packages were used and if there were they're probably fixed already.
>>60913948
and they called me stupid for keeping my net worth on a chrome extension lmao
>>60915456
You know your "cold wallet" is still on the ledger right? You can just look up the wallet address on the ledger and confirm the funds are there.
>>60915532
This affects metamask, stupid.
>>60913985
Note that he says "software wallets" which is absolutely possible to steal. It generally isn't possible from hardware wallets though.
>>60915540
well my wallet is still untouched
>>60914233
I think you have to agree to that, it isn't automatic.
30yo boomer here reporting back from the hack:
i'm fine, all my gold & silver are safe, right there next to me. I touch them rn to make sure they didn't get hacked and everything seems alright.
Report's over.
>>60915634
That's nice but chart? And price?
>>60915634tell me you don't live in a black neighbourhood without telling me you don't live in a black neighbourhood
>>60914755
nerd
>>60913948wait till they get to handle exact device clones with same chipids etc... sounds like many new "trannies"
>>60915600
if the user downloads a malicious file and runs it locally, sure, or if there is a zero day exploit of the browser sandbox that allows access to extension storage. but not possible with just an npm package loaded into the browser window.
It's basically a huge nothing burger. Even those using ledger devices are unaffected.
lmao.
>>60915532
You are explicitly at the highest risk from this. Retard.
>>60914755
All of the things you're complaining about, python, npm, were made by white people too you utter loser.
>>60916057
lol, even
>>60916057
Load ze fud
>>60915667Very easy to protect your stash from blacks. Just store the stash in something that looks worthless near a large TV
>>60913948
Update on the NPM attack: The attack fortunately failed, with almost no victims.
It began with a phishing email from a fake npm support domain that stole credentials and gave attackers access to publish malicious package updates. The injected code targeted web crypto activity, hooking into Ethereum, Solana and other chains to hijack transactions, and replacing wallet addresses directly in network responses.
The attackers' mistakes caused crashes in CI/CD pipelines, which led to early detection and limited impact. Still, this is a clear reminder: if your funds sit in a software wallet or on an exchange, you're one code execution away from losing everything. Supply chain compromises remain a powerful malware delivery vector, and we're also seeing more targeted attacks emerge.
Hardware wallets are built to withstand these threats. Features like Clear Signing let you confirm exactly what's happening, and Transaction Checks flag suspicious activity before it's too late.
The immediate danger may have passed, but the threat hasn't. Stay safe.
https://x.com/P3b7_/status/1965336272550899932
Are we safe again?
>>60915640
They are way up.