安全提醒：另一知名开发维护者NPM账户遭入侵，被注入钱包窃取恶意软件

Blockbeats

Sep 09

BlockBeats 消息，9 月 9 日，据 Socket 监测，持续的 NPM 供应链攻击已从知名开发者 Qix 扩散至另一位高知名度维护者，负责 DuckDB 相关包的 NPM 账户 duckdb_admin 遭到入侵，多版恶意版本被发布。注入的代码与 Qix 账户受损时使用的钱包窃取恶意软件相同，这强烈表明两者属于同一攻击行动的一部分。

此前报道，Ledger CTO 表示，发生大规模供应链攻击，整个 JavaScript 生态系统都可能面临风险。但 NPM 攻击者未能得逞，几乎没有受害者。

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2566946619"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"isCrawlerRequest":true,"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2566946619\",edition:\"fundamental\",auth_exemption:1,,,undefined,":{"share":"https://ttm.financial/m/news/2566946619?lang=en_US&edition=fundamental","thumbnail":"","is_english":false,"pubTime":"2025-09-09 23:27","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2566946619","market":"us","top_or_hot":-1,"title":"安全提醒：另一知名开发维护者NPM账户遭入侵，被注入钱包窃取恶意软件","media":"Blockbeats","content":"<html><body><div><p>BlockBeats 消息，9 月 9 日，据 Socket 监测，持续的 NPM 供应链攻击已从知名开发者 Qix 扩散至另一位高知名度维护者，负责 DuckDB 相关包的 NPM 账户 duckdb_admin 遭到入侵，多版恶意版本被发布。注入的代码与 Qix 账户受损时使用的钱包窃取恶意软件相同，这强烈表明两者属于同一攻击行动的一部分。</p><p>此前报道，Ledger CTO 表示，发生大规模供应链攻击，整个 JavaScript 生态系统都可能面临风险。但 NPM 攻击者未能得逞，几乎没有受害者。</p></div></body></html>","source":"theblockbeats_zh_live","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>安全提醒：另一知名开发维护者NPM账户遭入侵，被注入钱包窃取恶意软件</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\n安全提醒：另一知名开发维护者NPM账户遭入侵，被注入钱包窃取恶意软件\n</h2>\n\n<h4 class=\"meta\">\n\n\n2025-09-09 23:27 北京时间&nbsp;&nbsp;&nbsp;<a href=https://www.theblockbeats.info//flash/311501><strong>Blockbeats</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>BlockBeats 消息，9 月 9 日，据 Socket 监测，持续的 NPM 供应链攻击已从知名开发者 Qix 扩散至另一位高知名度维护者，负责 DuckDB 相关包的 NPM 账户 duckdb_admin 遭到入侵，多版恶意版本被发布。注入的代码与 Qix 账户受损时使用的钱包窃取恶意软件相同，这强烈表明两者属于同一攻击行动的一部分。此前报道，Ledger CTO 表示，发生大规模供应链...</p>\n\n<a href=\"https://www.theblockbeats.info//flash/311501\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"CTO","symbol_name":"CTO Realty Growth, Inc.","start_time":0,"source_url":"https://www.theblockbeats.info//flash/311501","article_id":"2566946619","we_media_id":null,"thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2566946619","pubTimestamp":1757431620,"columns":[],"sourceInfo":{"source_id":"theblockbeats_zh_live","name":"blockbeat"},"weMediaInfo":null,"summary":"BlockBeats 消息，9 月 9 日，据 Socket 监测，持续的 NPM 供应链攻击已从知名开发者 Qix 扩散至另一位高知名度维护者，负责 DuckDB 相关包的 NPM 账户 duckd","collect":0,"end_time":0,"defaultTopTitle":"theblockbeats.info","property":[],"viewcount":null,"language":"zh","relate_stocks":{"CTO":"CTO Realty Growth, Inc.","LU1066051811.HKD":"HSBC GIF GLOBAL EQUITY VOLATILITY FOCUSED \"AM2\" (HKD) INC","LU1066051498.USD":"HSBC GIF GLOBAL EQUITY VOLATILITY FOCUSED \"AM2\" (USD) INC","LU1066053197.SGD":"HSBC GIF GLOBAL EQUITY VOLATILITY FOCUSED \"AM3\" (SGDHDG) INC","BK4160":"多样化房地产投资信托v","LU1066051225.USD":"HSBC GIF GLOBAL EQUITY VOLATILITY FOCUSED \"AC\" (USD) ACC"},"translate_title":"Security reminder: Another well-known developer maintainer's NPM account was compromised and injected into his wallet to steal malware","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"CTO":1},"content_text":"BlockBeats 消息，9 月 9 日，据 Socket 监测，持续的 NPM 供应链攻击已从知名开发者 Qix 扩散至另一位高知名度维护者，负责 DuckDB 相关包的 NPM 账户 duckdb_admin 遭到入侵，多版恶意版本被发布。注入的代码与 Qix 账户受损时使用的钱包窃取恶意软件相同，这强烈表明两者属于同一攻击行动的一部分。此前报道，Ledger CTO 表示，发生大规模供应链攻击，整个 JavaScript 生态系统都可能面临风险。但 NPM 攻击者未能得逞，几乎没有受害者。","kind":"live","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":true,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"0","news_tag":"","news_rank":0,"symbols":[],"gpt_button":0,"need_auth":false,"code":"91000000","status":"200"}}}