{"id":109567,"date":"2025-06-03T11:21:35","date_gmt":"2025-06-03T11:21:35","guid":{"rendered":"https:\/\/cybersecuritynews.com\/?p=109567"},"modified":"2025-06-03T11:24:28","modified_gmt":"2025-06-03T11:24:28","slug":"malicious-npm-packages-attacking-ethereum-wallets","status":"publish","type":"post","link":"https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/","title":{"rendered":"Malicious NPM Packages Attacking Ethereum Wallets Using Obfuscated JavaScript"},"content":{"rendered":"\n

A sophisticated cryptocurrency theft campaign has emerged on the npm package registry, targeting developers and cryptocurrency users through malicious packages designed to drain Ethereum and Binance Smart Chain wallets.<\/p>\n\n\n\n

The attack leverages heavily obfuscated JavaScript code to steal up to 85% of victims’ cryptocurrency holdings, demonstrating an evolving threat landscape where software supply chain attacks increasingly target digital assets.<\/p>\n\n\n\n

The malicious campaign centers around four npm packages published by a threat actor operating under the username @crypto-exploit, who registered using the email address bel11@list.ru from a Russian webmail service.<\/p>\n\n\n

\n
\"\"\/
Maintainer of malicious packages in question (Source – Socket.dev)<\/figcaption><\/figure><\/div>\n\n\n

These packages collectively amassed over 2,100 downloads before being identified and reported as malware, with the most successful package, env-process, alone accounting for 1,054 downloads.<\/p>\n\n\n\n

Socket.dev researchers identified<\/a> the malware campaign and noted that the threat actor employed increasingly sophisticated tactics across multiple iterations of their malicious packages.<\/p>\n\n\n\n

The packages masqueraded as legitimate cryptocurrency development tools, with names like pancake_uniswap_validators_utils_snipe, pancakeswap-oracle-prediction, ethereum-smart-contract, and env-process, designed to attract developers working with decentralized finance protocols and blockchain applications.<\/p>\n\n\n\n

The attack methodology relies on victims inadvertently installing these packages and storing their private cryptocurrency wallet keys as environment variables, a common practice in development environments.<\/p>\n\n\n\n

Once executed, the malicious code accesses these credentials and initiates unauthorized transactions to a hardcoded wallet address: 0x71448ec2D9c5fC4978F5A690D5CE11A8669C9D02.<\/p>\n\n\n\n

Blockchain analysis reveals that this address received multiple transactions totaling approximately $450 worth of Ethereum<\/a> during the campaign’s active period between 2021 and 2022.<\/p>\n\n\n\n

Advanced Obfuscation and Deception Techniques<\/strong><\/h2>\n\n\n\n

The most striking aspect of this malware campaign lies in its sophisticated use of JavaScript obfuscation<\/a> to evade detection and analysis.<\/p>\n\n\n\n

The threat actor employed hex-encoded string arrays to conceal the true nature of their code, making initial inspection extremely difficult for both automated scanning tools and human reviewers.<\/p>\n\n\n\n

A prime example of this obfuscation can be seen in the original pancake_uniswap_validators_utils_snipe package, where critical variables were encoded as hexadecimal values.<\/p>\n\n\n\n

The array var _0x450b = [\"\\x77\\x65\\x62\\x33\", \"\\x53\\x57\\x41\\x50\", \"\\x65\\x6E\\x76\"...]<\/code> translates to common JavaScript terms like “web3”, “SWAP”, and “env” when decoded.<\/p>\n\n\n\n

This technique effectively hides function calls such as require(\"web3\")<\/code> and process.env<\/code> from casual inspection.<\/p>\n\n\n\n

The deobfuscated code reveals the malware’s core functionality: connecting to either Ethereum or Binance Smart Chain networks based on environment variables, retrieving the victim’s wallet balance, and constructing a transaction to transfer 80-85% of the funds.<\/p>\n\n\n\n

The transaction logic follows this pattern: value: web3.utils.toWei((fbb * 80 \/ 100).toString(), \"ether\")<\/code>, where fbb represents the victim’s current balance.<\/p>\n\n\n\n

Notably, the threat actor deliberately avoids draining wallets completely, leaving 15-20% of funds untouched.<\/p>\n\n\n\n

This calculated approach serves dual purposes: maintaining sufficient balance for transaction fees and reducing the likelihood of immediate detection by victims who might not notice partial fund transfers.<\/p>\n\n\n\n

The campaign demonstrates concerning evolution in tactics, with later packages employing typosquatting<\/a> techniques and more streamlined code.<\/p>\n\n\n\n

The final iteration, env-process, likely targeted the legitimate Node.js process package, representing a maturation of the threat actor’s social engineering capabilities alongside their technical obfuscation methods.<\/p>\n\n\n\n

Speed up and enrich threat investigations with Threat Intelligence Lookup! -> 50 trial search requests<\/strong><\/a> <\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"

A sophisticated cryptocurrency theft campaign has emerged on the npm package registry, targeting developers and cryptocurrency users through malicious packages designed to drain Ethereum and Binance Smart Chain wallets. The attack leverages heavily obfuscated JavaScript code to steal up to 85% of victims’ cryptocurrency holdings, demonstrating an evolving threat landscape where software supply chain attacks […]<\/p>\n","protected":false},"author":6,"featured_media":109606,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjQOe5TCbXzQXo5R12ZkCUj2i0gJRJPTRwb6VaO52Kt6_sqfCkYtjtGjbAzPy7aOOaWsOhiSusy8HagKsiiVV5J3W5qv2QPsIkzhZRdcXVmMm-sL1ClkCCnFeN5EwrQexFD0CoxF-aVBPkq-oSUHEZIyAFixgx1Xmo6AWdgr9pKqJ0zash-3KKtiXqsPtw\/s16000\/Malicious%20NPM%20Packages%20Attacking%20Ethereum%20Wallets%20Using%20Obfuscated%20JavaScript.webp","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[11,48],"tags":[149,151],"class_list":{"0":"post-109567","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-security-news","8":"category-threats","9":"tag-cyber-security","10":"tag-cyber-security-news"},"yoast_head":"\nMalicious NPM Packages Attacking Ethereum Wallets Using Obfuscated JavaScript<\/title>\n<meta name=\"description\" content=\"Malicious npm packages are targeting crypto users, stealing up to 85% of Ethereum\/BSC funds via obfuscated JavaScript in supply chain attacks.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Malicious NPM Packages Attacking Ethereum Wallets Using Obfuscated JavaScript\" \/>\n<meta property=\"og:description\" content=\"Malicious npm packages are targeting crypto users, stealing up to 85% of Ethereum\/BSC funds via obfuscated JavaScript in supply chain attacks.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/\" \/>\n<meta property=\"og:site_name\" content=\"Cyber Security News\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Hackingtutorialsandnews\" \/>\n<meta property=\"article:published_time\" content=\"2025-06-03T11:21:35+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-03T11:24:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjQOe5TCbXzQXo5R12ZkCUj2i0gJRJPTRwb6VaO52Kt6_sqfCkYtjtGjbAzPy7aOOaWsOhiSusy8HagKsiiVV5J3W5qv2QPsIkzhZRdcXVmMm-sL1ClkCCnFeN5EwrQexFD0CoxF-aVBPkq-oSUHEZIyAFixgx1Xmo6AWdgr9pKqJ0zash-3KKtiXqsPtw\/s16000\/Malicious%20NPM%20Packages%20Attacking%20Ethereum%20Wallets%20Using%20Obfuscated%20JavaScript.webp\" \/><meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjQOe5TCbXzQXo5R12ZkCUj2i0gJRJPTRwb6VaO52Kt6_sqfCkYtjtGjbAzPy7aOOaWsOhiSusy8HagKsiiVV5J3W5qv2QPsIkzhZRdcXVmMm-sL1ClkCCnFeN5EwrQexFD0CoxF-aVBPkq-oSUHEZIyAFixgx1Xmo6AWdgr9pKqJ0zash-3KKtiXqsPtw\/s16000\/Malicious%20NPM%20Packages%20Attacking%20Ethereum%20Wallets%20Using%20Obfuscated%20JavaScript.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Tushar Subhra Dutta\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjQOe5TCbXzQXo5R12ZkCUj2i0gJRJPTRwb6VaO52Kt6_sqfCkYtjtGjbAzPy7aOOaWsOhiSusy8HagKsiiVV5J3W5qv2QPsIkzhZRdcXVmMm-sL1ClkCCnFeN5EwrQexFD0CoxF-aVBPkq-oSUHEZIyAFixgx1Xmo6AWdgr9pKqJ0zash-3KKtiXqsPtw\/s16000\/Malicious%20NPM%20Packages%20Attacking%20Ethereum%20Wallets%20Using%20Obfuscated%20JavaScript.webp\" \/>\n<meta name=\"twitter:creator\" content=\"@The_Cyber_News\" \/>\n<meta name=\"twitter:site\" content=\"@The_Cyber_News\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tushar Subhra Dutta\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Malicious NPM Packages Attacking Ethereum Wallets Using Obfuscated JavaScript","description":"Malicious npm packages are targeting crypto users, stealing up to 85% of Ethereum\/BSC funds via obfuscated JavaScript in supply chain attacks.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/","og_locale":"en_US","og_type":"article","og_title":"Malicious NPM Packages Attacking Ethereum Wallets Using Obfuscated JavaScript","og_description":"Malicious npm packages are targeting crypto users, stealing up to 85% of Ethereum\/BSC funds via obfuscated JavaScript in supply chain attacks.","og_url":"https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/","og_site_name":"Cyber Security News","article_publisher":"https:\/\/www.facebook.com\/Hackingtutorialsandnews","article_published_time":"2025-06-03T11:21:35+00:00","article_modified_time":"2025-06-03T11:24:28+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjQOe5TCbXzQXo5R12ZkCUj2i0gJRJPTRwb6VaO52Kt6_sqfCkYtjtGjbAzPy7aOOaWsOhiSusy8HagKsiiVV5J3W5qv2QPsIkzhZRdcXVmMm-sL1ClkCCnFeN5EwrQexFD0CoxF-aVBPkq-oSUHEZIyAFixgx1Xmo6AWdgr9pKqJ0zash-3KKtiXqsPtw\/s16000\/Malicious%20NPM%20Packages%20Attacking%20Ethereum%20Wallets%20Using%20Obfuscated%20JavaScript.webp","type":"","width":"","height":""},{"width":1600,"height":900,"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjQOe5TCbXzQXo5R12ZkCUj2i0gJRJPTRwb6VaO52Kt6_sqfCkYtjtGjbAzPy7aOOaWsOhiSusy8HagKsiiVV5J3W5qv2QPsIkzhZRdcXVmMm-sL1ClkCCnFeN5EwrQexFD0CoxF-aVBPkq-oSUHEZIyAFixgx1Xmo6AWdgr9pKqJ0zash-3KKtiXqsPtw\/s16000\/Malicious%20NPM%20Packages%20Attacking%20Ethereum%20Wallets%20Using%20Obfuscated%20JavaScript.webp","type":"image\/jpeg"}],"author":"Tushar Subhra Dutta","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjQOe5TCbXzQXo5R12ZkCUj2i0gJRJPTRwb6VaO52Kt6_sqfCkYtjtGjbAzPy7aOOaWsOhiSusy8HagKsiiVV5J3W5qv2QPsIkzhZRdcXVmMm-sL1ClkCCnFeN5EwrQexFD0CoxF-aVBPkq-oSUHEZIyAFixgx1Xmo6AWdgr9pKqJ0zash-3KKtiXqsPtw\/s16000\/Malicious%20NPM%20Packages%20Attacking%20Ethereum%20Wallets%20Using%20Obfuscated%20JavaScript.webp","twitter_creator":"@The_Cyber_News","twitter_site":"@The_Cyber_News","twitter_misc":{"Written by":"Tushar Subhra Dutta","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/#article","isPartOf":{"@id":"https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/"},"author":{"name":"Tushar Subhra Dutta","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/person\/7eb7d8d026aa5dd566f134d4def5c05c"},"headline":"Malicious NPM Packages Attacking Ethereum Wallets Using Obfuscated JavaScript","datePublished":"2025-06-03T11:21:35+00:00","dateModified":"2025-06-03T11:24:28+00:00","mainEntityOfPage":{"@id":"https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/"},"wordCount":524,"publisher":{"@id":"https:\/\/cybersecuritynews.com\/#organization"},"image":{"@id":"https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/#primaryimage"},"thumbnailUrl":"https:\/\/i3.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjQOe5TCbXzQXo5R12ZkCUj2i0gJRJPTRwb6VaO52Kt6_sqfCkYtjtGjbAzPy7aOOaWsOhiSusy8HagKsiiVV5J3W5qv2QPsIkzhZRdcXVmMm-sL1ClkCCnFeN5EwrQexFD0CoxF-aVBPkq-oSUHEZIyAFixgx1Xmo6AWdgr9pKqJ0zash-3KKtiXqsPtw\/s16000\/Malicious%20NPM%20Packages%20Attacking%20Ethereum%20Wallets%20Using%20Obfuscated%20JavaScript.webp?w=1600&resize=1600,900&ssl=1","keywords":["cyber security","cyber security news"],"articleSection":["Cyber Security News","Threats"],"inLanguage":"en-US","copyrightYear":"2025","copyrightHolder":{"@id":"https:\/\/cybersecuritynews.com\/#organization"}},{"@type":"WebPage","@id":"https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/","url":"https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/","name":"Malicious NPM Packages Attacking Ethereum Wallets Using Obfuscated JavaScript","isPartOf":{"@id":"https:\/\/cybersecuritynews.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/#primaryimage"},"image":{"@id":"https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/#primaryimage"},"thumbnailUrl":"https:\/\/i3.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjQOe5TCbXzQXo5R12ZkCUj2i0gJRJPTRwb6VaO52Kt6_sqfCkYtjtGjbAzPy7aOOaWsOhiSusy8HagKsiiVV5J3W5qv2QPsIkzhZRdcXVmMm-sL1ClkCCnFeN5EwrQexFD0CoxF-aVBPkq-oSUHEZIyAFixgx1Xmo6AWdgr9pKqJ0zash-3KKtiXqsPtw\/s16000\/Malicious%20NPM%20Packages%20Attacking%20Ethereum%20Wallets%20Using%20Obfuscated%20JavaScript.webp?w=1600&resize=1600,900&ssl=1","datePublished":"2025-06-03T11:21:35+00:00","dateModified":"2025-06-03T11:24:28+00:00","description":"Malicious npm packages are targeting crypto users, stealing up to 85% of Ethereum\/BSC funds via obfuscated JavaScript in supply chain attacks.","breadcrumb":{"@id":"https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/#primaryimage","url":"https:\/\/i3.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjQOe5TCbXzQXo5R12ZkCUj2i0gJRJPTRwb6VaO52Kt6_sqfCkYtjtGjbAzPy7aOOaWsOhiSusy8HagKsiiVV5J3W5qv2QPsIkzhZRdcXVmMm-sL1ClkCCnFeN5EwrQexFD0CoxF-aVBPkq-oSUHEZIyAFixgx1Xmo6AWdgr9pKqJ0zash-3KKtiXqsPtw\/s16000\/Malicious%20NPM%20Packages%20Attacking%20Ethereum%20Wallets%20Using%20Obfuscated%20JavaScript.webp?w=1600&resize=1600,900&ssl=1","contentUrl":"https:\/\/i3.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjQOe5TCbXzQXo5R12ZkCUj2i0gJRJPTRwb6VaO52Kt6_sqfCkYtjtGjbAzPy7aOOaWsOhiSusy8HagKsiiVV5J3W5qv2QPsIkzhZRdcXVmMm-sL1ClkCCnFeN5EwrQexFD0CoxF-aVBPkq-oSUHEZIyAFixgx1Xmo6AWdgr9pKqJ0zash-3KKtiXqsPtw\/s16000\/Malicious%20NPM%20Packages%20Attacking%20Ethereum%20Wallets%20Using%20Obfuscated%20JavaScript.webp?w=1600&resize=1600,900&ssl=1","width":"1600","height":"900"},{"@type":"BreadcrumbList","@id":"https:\/\/cybersecuritynews.com\/malicious-npm-packages-attacking-ethereum-wallets\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cybersecuritynews.com\/"},{"@type":"ListItem","position":2,"name":"Malicious NPM Packages Attacking Ethereum Wallets Using Obfuscated JavaScript"}]},{"@type":"WebSite","@id":"https:\/\/cybersecuritynews.com\/#website","url":"https:\/\/cybersecuritynews.com\/","name":"Cyber Security News","description":"World's #1 Premier Cybersecurity and Hacking News Portal","publisher":{"@id":"https:\/\/cybersecuritynews.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cybersecuritynews.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/cybersecuritynews.com\/#organization","name":"Cyber Security News","url":"https:\/\/cybersecuritynews.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/logo\/image\/","url":"https:\/\/cybersecuritynews.com\/wp-content\/uploads\/2021\/06\/Cyber-security.jpg","contentUrl":"https:\/\/cybersecuritynews.com\/wp-content\/uploads\/2021\/06\/Cyber-security.jpg","width":200,"height":200,"caption":"Cyber Security News"},"image":{"@id":"https:\/\/cybersecuritynews.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Hackingtutorialsandnews","https:\/\/x.com\/The_Cyber_News","https:\/\/www.linkedin.com\/company\/cybersecurity-news\/"]},{"@type":"Person","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/person\/7eb7d8d026aa5dd566f134d4def5c05c","name":"Tushar Subhra Dutta","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f8bc0247220c7d4dea6c8b5a77d910613305ead17b13c2a7920b400435a848dd?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f8bc0247220c7d4dea6c8b5a77d910613305ead17b13c2a7920b400435a848dd?s=96&d=mm&r=g","caption":"Tushar Subhra Dutta"},"description":"Tushar is a senior cybersecurity and breach reporter. He specializes in covering cybersecurity news, trends, and emerging threats, data breaches, and malware attacks. With years of experience, he brings clarity and depth to complex security topics.","url":"https:\/\/cybersecuritynews.com\/author\/tushar\/"}]}},"jetpack_featured_media_url":"https:\/\/i3.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjQOe5TCbXzQXo5R12ZkCUj2i0gJRJPTRwb6VaO52Kt6_sqfCkYtjtGjbAzPy7aOOaWsOhiSusy8HagKsiiVV5J3W5qv2QPsIkzhZRdcXVmMm-sL1ClkCCnFeN5EwrQexFD0CoxF-aVBPkq-oSUHEZIyAFixgx1Xmo6AWdgr9pKqJ0zash-3KKtiXqsPtw\/s16000\/Malicious%20NPM%20Packages%20Attacking%20Ethereum%20Wallets%20Using%20Obfuscated%20JavaScript.webp?w=1600&resize=1600,900&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts\/109567","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/comments?post=109567"}],"version-history":[{"count":3,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts\/109567\/revisions"}],"predecessor-version":[{"id":109608,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts\/109567\/revisions\/109608"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/media\/109606"}],"wp:attachment":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/media?parent=109567"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/categories?post=109567"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/tags?post=109567"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}