The malicious code was detected earlier today by a cybersecurity researcher Maciej Mansfeld. It could also compromise dozens of crypto services and platforms DyDx, one of the giants in the decentralized finance sector. DyDx quickly announced that the patch had been applied, but the threat appeared to be serious and called for maximum caution.
Cyber Vigilance in the Crypto Ecosystem
Computer security expert Dr Maciej Mansfeld From a cyber security company repairreported that his investigation led him to discover an npm set Multiple npm packages) potentially infected with malicious code.
Initially made available in open source by the DEX (decentralized exchange) DyDx, this code published by Mensfeld on GitHub will be sufficient to remove sensitive user information from the platform where it will be deployed.
the ” npm single package“, has an Ethereum library Smart contract And typescript. It appears to have been originally made available by a DyDx employee However, at the heart of this package lies malicious code that aims to extract confidential information about users in order to send them to a foreign IP address.
While details are yet to be communicated, this package can be deployed on more than 40 other crypto platforms.
The DyDx team is there Let it be known A correction was made 2 hours after the warning. The platform emphasized that user funds were not compromised, nor were the smart contracts on the decentralized exchange.
Do you support the Bitcoin revolution? It’s up to you to get on the crypto train! To do this, and start familiarizing yourself with this exciting world, do not wait for you Create an account on BinanceReference Bitcoin and Crypto Exchanges (Commercial Links).