←back to thread

NPM debug and chalk packages compromised

(www.aikido.dev)
1369 points universesquid | 1 comments | 08 Sep 25 15:37 UTC | HN request time: 0s | source
Show context
dafelst ◴[08 Sep 25 19:07 UTC] No.45172480[source]
I'm curious if anyone is tracking transactions against the wallet addresses in the malicious code - I assume that is essentially the attackers' return on investment here.
replies(1): >>45172709 #
1. eiiot ◴[08 Sep 25 19:23 UTC] No.45172709[source]
Just ran a script to do this – doesn't seem like there's much going in, other than one test transaction.