Ledger CTO：可替换钱包地址的NPM攻击因及早发现未造成较大影响

金色财经

Sep 09

【Ledger CTO：可替换钱包地址的NPM攻击因及早发现未造成较大影响】金色财经霸道，硬件钱包开发商Ledger首席技术官Charles Guillemet在X平台发文表示，此前可替换钱包地址的NPM攻击因及早发现未造成较大影响，几乎没有受害者。据他此前披露，某知名开发者的NPM帐户遭到入侵，导致JavaScript生态系统可能面临风险，恶意负载可通过替换加密地址窃取资金，如果使用硬件钱包，请在签名之前注意每笔交易，目前还不清楚攻击者是否可以直接从软件钱包中窃取助记词。

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2566266036"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"isCrawlerRequest":true,"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2566266036\",edition:\"fundamental\",auth_exemption:1,,,undefined,":{"share":"https://ttm.financial/m/news/2566266036?lang=en_US&edition=fundamental","thumbnail":"","is_english":false,"pubTime":"2025-09-09 16:54","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2566266036","market":"fut","top_or_hot":-1,"title":"Ledger CTO：可替换钱包地址的NPM攻击因及早发现未造成较大影响","media":"金色财经","content":"<html><body><p>【Ledger CTO：可替换钱包地址的NPM攻击因及早发现未造成较大影响】金色财经霸道，硬件钱包开发商Ledger首席技术官Charles Guillemet在X平台发文表示，此前可替换钱包地址的NPM攻击因及早发现未造成较大影响，几乎没有受害者。据他此前披露，某知名开发者的NPM帐户遭到入侵，导致JavaScript生态系统可能面临风险，恶意负载可通过替换加密地址窃取资金，如果使用硬件钱包，请在签名之前注意每笔交易，目前还不清楚攻击者是否可以直接从软件钱包中窃取助记词。</p></body></html>","source":"jinse_live","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>Ledger CTO：可替换钱包地址的NPM攻击因及早发现未造成较大影响</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nLedger CTO：可替换钱包地址的NPM攻击因及早发现未造成较大影响\n</h2>\n\n<h4 class=\"meta\">\n\n\n2025-09-09 16:54 北京时间&nbsp;&nbsp;&nbsp;<a href=https://x.com/P3b7_/status/1965336272550899932><strong>金色财经</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>【Ledger CTO：可替换钱包地址的NPM攻击因及早发现未造成较大影响】金色财经霸道，硬件钱包开发商Ledger首席技术官Charles Guillemet在X平台发文表示，此前可替换钱包地址的NPM攻击因及早发现未造成较大影响，几乎没有受害者。据他此前披露，某知名开发者的NPM帐户遭到入侵，导致JavaScript生态系统可能面临风险，恶意负载可通过替换加密地址窃取资金，如果使用硬件钱包，请...</p>\n\n<a href=\"https://x.com/P3b7_/status/1965336272550899932\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"BK4160","symbol_name":"多样化房地产投资信托v","start_time":0,"source_url":"https://x.com/P3b7_/status/1965336272550899932","article_id":"2566266036","we_media_id":null,"thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2566266036","pubTimestamp":1757408048,"columns":[],"sourceInfo":{"source_id":"jinse_live","name":"金色财经"},"weMediaInfo":null,"summary":"【Ledger CTO：可替换钱包地址的NPM攻击因及早发现未造成较大影响】金色财经霸道，硬件钱包开发商Ledger首席技术官Charles Guillemet在X平台发文表示，此前可替换钱包地址的N","collect":0,"end_time":0,"defaultTopTitle":"x.com","property":[],"viewcount":null,"language":"zh","relate_stocks":{"BK4160":"多样化房地产投资信托v","LU1066051225.USD":"HSBC GIF GLOBAL EQUITY VOLATILITY FOCUSED \"AC\" (USD) ACC","LU1066051498.USD":"HSBC GIF GLOBAL EQUITY VOLATILITY FOCUSED \"AM2\" (USD) INC","CTO":"CTO Realty Growth, Inc.","LU1066053197.SGD":"HSBC GIF GLOBAL EQUITY VOLATILITY FOCUSED \"AM3\" (SGDHDG) INC","LU1066051811.HKD":"HSBC GIF GLOBAL EQUITY VOLATILITY FOCUSED \"AM2\" (HKD) INC"},"translate_title":"Ledger CTO: NPM attacks that can replace wallet addresses have no big impact due to early detection","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"CTO":1},"content_text":"【Ledger CTO：可替换钱包地址的NPM攻击因及早发现未造成较大影响】金色财经霸道，硬件钱包开发商Ledger首席技术官Charles Guillemet在X平台发文表示，此前可替换钱包地址的NPM攻击因及早发现未造成较大影响，几乎没有受害者。据他此前披露，某知名开发者的NPM帐户遭到入侵，导致JavaScript生态系统可能面临风险，恶意负载可通过替换加密地址窃取资金，如果使用硬件钱包，请在签名之前注意每笔交易，目前还不清楚攻击者是否可以直接从软件钱包中窃取助记词。","kind":"live","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":true,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"0","news_tag":"","news_rank":0,"symbols":[],"gpt_button":0,"need_auth":false,"code":"91000000","status":"200"}}}