
Nine-Year-Old NPM Packages Hijacked to Steal Sensitive Information
Cybersecurity, Cryptocurrency, Supply Chain Attacks, Data Theft
Cybersecurity researchers have discovered that several cryptocurrency-related packages on the npm registry have been hijacked to steal sensitive information, such as environment variables, from compromised systems. Ax Sharma, a researcher at Sonatype, revealed that some of these packages have been on npmjs.com for over 9 years and offered legitimate functionality to blockchain developers. However, recent versions of these packages contain obfuscated scripts designed to exfiltrate API keys and other sensitive data. The impact includes the compromise of systems that use these packages, which puts users' sensitive information at risk.
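
A dependency check a defender could derive from this pattern of long-lived packages receiving new malicious versions, shown as an added example that is not code from the article or from Sonatype: it reads the `time` map of an npm registry packument and flags releases published after a long gap. The function name, the 730-day threshold and the sample history are assumptions made for illustration, and the article does not say how long the affected packages had gone without a release.

```javascript
// Added example: flag npm releases published after a long dormancy.
// Input shape follows the `time` map of an npm registry packument
// (GET https://registry.npmjs.org/<name>): ISO timestamps keyed by version,
// plus the bookkeeping keys "created" and "modified".

const DAY_MS = 24 * 60 * 60 * 1000;

// Returns releases whose gap from the previous release exceeds maxGapDays.
// maxGapDays is an assumed threshold; tune it to your own dependency set.
function findDormancyBreaks(time, maxGapDays = 730) {
  const releases = Object.entries(time)
    .filter(([key]) => key !== "created" && key !== "modified")
    .map(([version, iso]) => ({ version, published: Date.parse(iso) }))
    .filter((r) => !Number.isNaN(r.published)) // skip unparsable timestamps
    .sort((a, b) => a.published - b.published); // order by publish time

  const flagged = [];
  for (let i = 1; i < releases.length; i++) {
    const gapDays = Math.floor(
      (releases[i].published - releases[i - 1].published) / DAY_MS
    );
    if (gapDays > maxGapDays) {
      flagged.push({
        version: releases[i].version,
        previous: releases[i - 1].version,
        gapDays,
      });
    }
  }
  return flagged;
}

// Constructed sample history (not a real package's release data).
const sampleTime = {
  created: "2016-01-10T12:00:00.000Z",
  modified: "2025-03-20T09:00:00.000Z",
  "1.0.0": "2016-01-10T12:00:00.000Z",
  "1.0.1": "2016-03-02T08:30:00.000Z",
  "1.1.0": "2017-06-15T17:45:00.000Z",
  "1.1.1": "2025-03-20T09:00:00.000Z",
};

console.log(findDormancyBreaks(sampleTime));
```

A flagged release is a prompt to diff that version against its predecessor before upgrading, not proof of compromise.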