Security News > 2025 > February > North Korea targets crypto developers via NPM supply chain attack

North Korea targets crypto developers via NPM supply chain attack

2025-02-13 12:00

Yet another cash grab from Kim's cronies and an intel update from Microsoft North Korea has changed tack: its latest campaign targets the NPM registry and owners of Exodus and Atomic cryptocurrency wallets.…

News URL

https://go.theregister.com/feed/www.theregister.com/2025/02/13/north_korea_npm_crypto/

#attack #crypto #developer #korea #northkorea #NPM #supplychain

Related news

Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack (source)
Ripple NPM supply chain attack hunts for private keys (source)
Supply chain attack hits npm package with 45,000 weekly downloads (source)
Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering (source)
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks (source)
Crypto Developers Targeted by Python Malware Disguised as Coding Challenges (source)
Developers Beware: Slopsquatting & Vibe Coding Can Increase Risk of AI-Powered Attacks (source)
Hackers abuse Zoom remote control feature for crypto-theft attacks (source)
Magento supply chain attack compromises hundreds of e-stores (source)
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.