<ciso brief/>
Tag Banner

All news with #exodus wallet tag

all tags →

Tue, September 2, 2025

Malicious npm Package Mimics Nodemailer, Targets Wallets

#Atomic Wallet #Electron #Exodus Wallet #npm #Supply Chain Backdoor #Supply-Chain Incident

🛡️ Researchers found a malicious npm package named nodejs-smtp that impersonated the nodemailer mailer to avoid detection and entice installs. On import the module uses Electron tooling to unpack an app.asar, replace a vendor bundle with a payload, repackage the application, and erase traces to inject a clipper into Windows desktop wallets. The backdoor redirects BTC, ETH, USDT, XRP and SOL transactions to attacker-controlled addresses while retaining legitimate mailer functionality as a cover.

read more →