Ledger CTO：NPM攻击者未能得逞，几乎没有受害者

Blockbeats

Sep 09

BlockBeats 消息，9 月 9 日，Ledger 首席技术官 Charles Guillemet 发文更新称，“NPM 攻击最新进展：幸运的是，攻击未能得逞，几乎没有受害者。

攻击始于一个伪装成 npm 支持域名的钓鱼邮件，窃取用户凭证，使攻击者能够发布恶意软件包更新。注入的代码针对网络加密活动，侵入以太坊、Solana 等链，劫持交易，并直接在网络响应中替换钱包地址。攻击者的失误导致 CI/CD 流水线崩溃，从而实现早期检测，影响有限。

尽管如此，这是一个明确的提醒：如果你的资金存放在软件钱包或交易所，只需一次代码执行，你就可能失去一切。供应链攻击仍然是强大的恶意软件传播途径，我们也看到越来越多针对性的攻击出现。

硬件钱包专为抵御此类威胁而设计。像“清晰签名”这样的功能让你能够准确确认交易内容，而“交易检查”功能能在问题发生前标记可疑活动。眼前的危险可能已经过去，但威胁依然存在。保持安全。”

BlockBeats 今日早些时候报道，目前正在发生一起大规模供应链攻击：一名知名开发者的 NPM 账号遭到入侵。受影响的包下载量已超过 10 亿次，这意味着整个 JavaScript 生态系统都可能面临风险。

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

1
2
3
4
5
6
7
8
9
10

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2566156695"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"isCrawlerRequest":true,"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2566156695\",edition:\"fundamental\",auth_exemption:1,,,undefined,":{"share":"https://ttm.financial/m/news/2566156695?lang=en_US&edition=fundamental","thumbnail":"","is_english":false,"pubTime":"2025-09-09 18:01","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2566156695","market":"hk","top_or_hot":-1,"title":"Ledger CTO：NPM攻击者未能得逞，几乎没有受害者","media":"Blockbeats","content":"<html><body><div><p>BlockBeats 消息，9 月 9 日，Ledger 首席技术官 Charles Guillemet 发文更新称，“NPM 攻击最新进展：幸运的是，攻击未能得逞，几乎没有受害者。</p><p>攻击始于一个伪装成 npm 支持域名的钓鱼邮件，窃取用户凭证，使攻击者能够发布恶意软件包更新。注入的代码针对网络加密活动，侵入以太坊、Solana 等链，劫持交易，并直接在网络响应中替换钱包地址。攻击者的失误导致 CI/CD 流水线崩溃，从而实现早期检测，影响有限。</p><p>尽管如此，这是一个明确的提醒：如果你的资金存放在软件钱包或交易所，只需一次代码执行，你就可能失去一切。供应链攻击仍然是强大的恶意软件传播途径，我们也看到越来越多针对性的攻击出现。</p><p>硬件钱包专为抵御此类威胁而设计。像“清晰签名”这样的功能让你能够准确确认交易内容，而“交易检查”功能能在问题发生前标记可疑活动。眼前的危险可能已经过去，但威胁依然存在。保持安全。”</p><p>BlockBeats 今日早些时候报道，目前正在发生一起大规模供应链攻击：一名知名开发者的 NPM 账号遭到入侵。受影响的包下载量已超过 10 亿次，这意味着整个 JavaScript 生态系统都可能面临风险。</p></div></body></html>","source":"theblockbeats_zh_live","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>Ledger CTO：NPM攻击者未能得逞，几乎没有受害者</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nLedger CTO：NPM攻击者未能得逞，几乎没有受害者\n</h2>\n\n<h4 class=\"meta\">\n\n\n2025-09-09 18:01 北京时间&nbsp;&nbsp;&nbsp;<a href=https://www.theblockbeats.info//flash/311443><strong>Blockbeats</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>BlockBeats 消息，9 月 9 日，Ledger 首席技术官 Charles Guillemet 发文更新称，“NPM 攻击最新进展：幸运的是，攻击未能得逞，几乎没有受害者。攻击始于一个伪装成 npm 支持域名的钓鱼邮件，窃取用户凭证，使攻击者能够发布恶意软件包更新。注入的代码针对网络加密活动，侵入以太坊、Solana 等链，劫持交易，并直接在网络响应中替换钱包地址。攻击者的失误导致 CI...</p>\n\n<a href=\"https://www.theblockbeats.info//flash/311443\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"LU1261432733.SGD","symbol_name":"Fidelity World A-ACC-SGD","start_time":0,"source_url":"https://www.theblockbeats.info//flash/311443","article_id":"2566156695","we_media_id":null,"thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2566156695","pubTimestamp":1757412060,"columns":[],"sourceInfo":{"source_id":"theblockbeats_zh_live","name":"blockbeat"},"weMediaInfo":null,"summary":"BlockBeats 消息，9 月 9 日，Ledger 首席技术官 Charles Guillemet 发文更新称，“NPM 攻击最新进展：幸运的是，攻击未能得逞，几乎没有受害者。攻击始于一个伪装成","collect":0,"end_time":0,"defaultTopTitle":"theblockbeats.info","property":[],"viewcount":null,"language":"zh","relate_stocks":{"LU1261432733.SGD":"Fidelity World A-ACC-SGD","LU0868494617.USD":"UBS (LUX) EQUITY SICAV - US TOTAL YIELD SUSTAINABLE \"P\" (USD) ACC","CI":"信诺保险","ETHA":"以太坊ETF-iShares","IE00BSNM7G36.USD":"NEUBERGER BERMAN SYSTEMATIC GLOBAL SUSTAINABLE VALUE \"A\" (USD) ACC","IE0002270589.USD":"LEGG MASON CLEARBRIDGE VALUE \"A\" (USD) INC","FETH":"以太币ETF-Fidelity","LU0058720904.USD":"联博国际健康护理基金A","CD":"秦淮数据","ETHE":"以太坊ETF-Grayscale","BK4588":"碎股","03046":"华夏以太币","LU0289739699.SGD":"AB INTERNATIONAL HEALTH CARE PORTFOLIO \"A\" (SGD) ACC","BK4594":"比特币ETF概念","09009":"博时以太币-U","EZET":"以太坊ETF-Franklin","BK4601":"加密货币现货ETF","LU1059921491.USD":"NORDEA 1 GLOBAL STABLE EQUITY \"HB\" (USDHDG) ACC","03009":"博时以太币","BK4196":"保健护理服务","09179":"嘉实以太币现货ETF-U","03179":"嘉实以太币","IE00B19Z3581.USD":"Legg Mason ClearBridge - Value A Acc USD","ETHV":"以太坊ETF-VanEck","IBIT":"iShares Bitcoin Trust ETF","QETH":"以太坊ETF-Invesco Galaxy","BK4116":"互联网服务与基础架构","CETH":"以太坊ETF-21Shares","ETHW":"以太坊ETF-Bitwise","BK4585":"ETF&股票定投概念","09046":"华夏以太币-U","BK1611":"加密货币现货ETF","IE00B19Z3B42.SGD":"Legg Mason ClearBridge - Value A Acc SGD","ETH":"迷你以太坊ETF-Grayscale"},"translate_title":"Ledger CTO: NPM Attackers Fail, Few Victims","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"03009":1,"03046":1,"03179":1,"09009":1,"09046":1,"09179":1,"CD":1,"CETH":1,"CI":1,"ETH":1,"ETHA":1,"ETHE":1,"ETHV":1,"ETHW":1,"EZET":1,"FETH":1,"IBIT":1,"QETH":1},"content_text":"BlockBeats 消息，9 月 9 日，Ledger 首席技术官 Charles Guillemet 发文更新称，“NPM 攻击最新进展：幸运的是，攻击未能得逞，几乎没有受害者。攻击始于一个伪装成 npm 支持域名的钓鱼邮件，窃取用户凭证，使攻击者能够发布恶意软件包更新。注入的代码针对网络加密活动，侵入以太坊、Solana 等链，劫持交易，并直接在网络响应中替换钱包地址。攻击者的失误导致 CI/CD 流水线崩溃，从而实现早期检测，影响有限。尽管如此，这是一个明确的提醒：如果你的资金存放在软件钱包或交易所，只需一次代码执行，你就可能失去一切。供应链攻击仍然是强大的恶意软件传播途径，我们也看到越来越多针对性的攻击出现。硬件钱包专为抵御此类威胁而设计。像“清晰签名”这样的功能让你能够准确确认交易内容，而“交易检查”功能能在问题发生前标记可疑活动。眼前的危险可能已经过去，但威胁依然存在。保持安全。”BlockBeats 今日早些时候报道，目前正在发生一起大规模供应链攻击：一名知名开发者的 NPM 账号遭到入侵。受影响的包下载量已超过 10 亿次，这意味着整个 JavaScript 生态系统都可能面临风险。","kind":"live","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":true,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"0","news_tag":"","news_rank":0,"symbols":[],"gpt_button":1,"need_auth":false,"code":"91000000","status":"200"}}}