- INJ0%
BlockBeats News, July 10th, according to Socket monitoring, the Injective blockchain npm package @injectivelabs/sdk-ts was maliciously modified. The attacker compromised a developer's GitHub account to inject malicious code designed to steal wallet private keys and mnemonic phrases. The stolen data was then encoded and sent to an address disguised as a legitimate Injective network server.
The package had around 50,000 weekly downloads. The malicious version 1.20.21 showed suspicious commits starting on June 8th and was locked in 17 other packages within the Injective Labs npm scope. Users who did not directly install this SDK may also be affected.
免責事項:現在のコンテンツは第三者の視点に基づくもの、または第三者の視点からAIが直接翻訳したものです。CoinExはコンテンツの信頼性、正確性、独創性を保証するものではなく、CoinExからの投資アドバイスを構成するものではありません。暗号資産の価格変動は急激に変動します。潜在的なリスクにご注意ください。
- コインリスト価格24時間価格変動