Bitcoin, Blockchain & Cryptocurrency News

Hacker Infects a Popular Open Source Javascript Library to Steal Bitcoin

A hacker with access to a popular open-source Javascript Library has sneaked malicious code that steals Bitcoin and Bitcoin Cash Funds stored in BitPay Copay wallets. According to ZDNet’s article published on November 26, 2018, the Copay team mentioned that all version between 5.0.2 and 5.1.0. were infected and all users are advised to update to newer versions 5.2.0 and later, which no longer contain the dangerous code.

Code Designed to Steal Users’ Wallet Information

The incident occurred approximately three months ago. The original author due to limited time and interest outsourced the development responsibilities to another programmer called Right9ctrl.

According to Arstechnica, Right9ctrl inserted the malicious code in two different stages into event-stream, an extremely well-known code library that contains a Javascript npm package, which is used by a wide range of companies from large corporates to emerging startups. In the first stage, the hacker published version three on September 8 which contained a module called flatmap-steam.

Flatmap-steam initially did not have any dangerous code. However, during stage two on October 5, the hacker updated flatmap-steam to include the malicious code. The malicious code is designed to steal users’ wallet information such as their private keys and send the data to a server located in Kuala Lumpur.

Github user Ayrton Sparling discovered the bad code last Tuesday and released a report on Github. The officials with the NPM, the open source project manager responsible for hosting event-stream, however, failed to issue notice and an advisory until Monday the following week, six days from the date of discovery.

Malicious Code Targets BitPay’s Copay Wallet Users

The NPM officials mentioned that the malicious code was inserted to target people who use a BItcoin wallet created by Copay. A Copay official said in a Github discussion that the code was not implemented and deployed on any platforms.

After the post, Copay officials, however, updated their comment and mentioned that there were platforms that did contain the dangerous code. In response to the situation, Copay has released a blog post updating wallet users which versions were affected and warned users that they should avoid using the application until they have installed the latest version 5.2.0 that is free from the malicious code.

“This compromise…targeted a select few developers at a company, Copay, that had a very specific development environment setup,” said an NPM Official to Ars Technica. “Even then, the payload itself didn’t run on those develops’ computers; rather, it would be packaged into a consumer-facing app when the developers build a release,” NPM noted that the overall goal of the hacker was to steal cryptocurrencies from Copay’s end users since the malicious code was not designed to attack any developers.

Published by
Cindy Huynh

Recent Posts

Dreamr Announces Rapid Growth Over First 90 Days, Prepares to Launch Aggressive Marketing Push

Dreamr (Ticker: DMR on Bittrex Global), an innovative social networking and finance-based ecosystem providing alternatives…

2 hours ago

Bitcoin and Ether Market Update December 2, 2021

Total crypto market cap added $29 billion to its value for the period since Monday…

4 hours ago

Bitcoin (BTC) Futures Trading Rises on CME As Exchanges Prepare to Enter the Derivatives Market

According to statistics from glassnode, BTC futures trading is on the rise. The report follows…

5 hours ago Set to Launch Its Token Platform in December

Zug, Switzerland, 1 December 2021 – today announced that it is set to launch…

6 hours ago

Revolution in! We Are Testing the New Version of the No.1 Crypto Margin Trading Platform

The margin trading platform has recently experienced a real revolution. The team has been…

6 hours ago

Crypto Markets Due for a Bull Run. Factors to Base Your Allocation

Logic, emotions, and mathematical probabilities dictate that crypto markets represent a stable store of value…

7 hours ago

This website uses cookies.