Ethical Hacking News
A recent phishing attack targeting popular JavaScript code packages has highlighted the growing threat of supply-chain attacks on development teams. Akido's new malware detection technology offers a vital solution to protect code libraries from these types of attacks, and experts warn that a similar incident could have devastating consequences if not addressed promptly.
Phishing attacks targeting code libraries are becoming increasingly common. Many organizations are vulnerable to a single phishing attack due to inadequate security measures. The use of phishable forms of two-factor authentication (2FA) is a significant risk factor for supply-chain attacks. Akido's new product detects and prevents malicious software from being injected into widely-used code packages. Phishing emails were used to trick developers into logging in to fake websites and supplying their 2FA credentials. Malicious code was added to popular JavaScript code packages, allowing attackers to intercept cryptocurrency activity and manipulate wallet interactions.
Security experts and researchers are sounding the alarm on the growing threat of phishing attacks targeting code libraries used by development teams. Akido, a Belgian-based security firm, recently launched a new product designed to detect and prevent malicious software from being injected into widely-used code packages.
According to Nicholas Weaver, a researcher with the International Computer Science Institute, many organizations are still one successful phishing attack away from a supply-chain nightmare. Weaver emphasized that these types of attacks will continue as long as people responsible for maintaining widely-used code rely on phishable forms of two-factor authentication (2FA). The researcher stressed that physical security keys, which are phish-proof and can only be used with the key itself, should be required to secure critical infrastructure.
Akido's new offering is a significant development in this area. The company monitors new code updates to major open-source code repositories and scans for suspicious and malicious code. In a recent blog post, Akido revealed that its systems detected malicious code injected into at least 18 popular JavaScript code packages available on Node Package Manager (NPM), a central hub for JavaScript development.
The attack appears to have been launched via phishing emails that tricked developers into logging in to fake NPM websites and supplying their 2FA credentials. The phishers then used the compromised accounts to add malicious code to the affected libraries, which can intercept cryptocurrency activity, manipulate wallet interactions, and rewrite payment destinations to redirect funds to attacker-controlled accounts.
Akido's research team discovered that the attackers employed a sophisticated piece of malware that operates at multiple layers, altering content shown on websites, tampering with API calls, and manipulating what users' apps believe they are signing. Even if the interface looks correct, the underlying transaction can be redirected in the background.
In response to the attack, Akido notified the affected developer, Josh Junon, who quickly acknowledged having fallen victim to the phishing campaign. The security firm also alerted the maintainer of the compromised packages, who promptly began cleaning up the malicious code.
The incident highlights the need for developers and organizations to prioritize security when using widely-used code libraries. Experts warn that a similar attack with a more nefarious payload could quickly lead to a disruptive malware outbreak, which would be far more difficult to detect and restrain.
As the threat landscape continues to evolve, it is essential for developers and organizations to stay vigilant and take proactive measures to protect their code libraries from phishing attacks. Akido's new offering provides a critical tool in this effort, and its detection capabilities will undoubtedly help to mitigate the risk of such attacks in the future.
Related Information:
https://www.ethicalhackingnews.com/articles/Akido-Unveils-New-Malware-Detection-Technology-to-Protect-Code-Libraries-from-Phishing-Attacks-ehn.shtml
https://krebsonsecurity.com/2025/09/18-popular-code-packages-hacked-rigged-to-steal-crypto/
https://cryptonews.com/news/avoid-on-chain-transactions-ledger-cto-issues-urgent-warning-after-javascript-attack/
https://www.socinvestigation.com/comprehensive-list-of-apt-threat-groups-motives-and-attack-methods/
https://breach-hq.com/threat-actors
Published: Mon Sep 8 19:25:01 2025 by llama3.2 3B Q4_K_M
