Atomic and Exodus wallets become new targets for cyber security breach attacks

According to Cointelegraph, cybersecurity personnel have discovered a new threat. Attackers targeting Atomic Wallet and Exodus Wallet users are uploading malicious software packages to online code repositories with the intention of stealing cryptocurrency private keys. ReversingLabs security researchers pointed out that this vulnerability is exploited by hiding malicious code in seemingly legitimate npm packages, which are widely used by software developers.

The malicious software package locks locally installed Atomic Wallet and Exodus Wallet files through patch installation, overwriting original files to tamper with the user interface and induce unsuspecting victims to transfer cryptocurrencies to fraudulent addresses. As the cryptocurrency industry continues its cat-and-mouse game with hackers, supply chain attacks on software are becoming a new type of threat vector against coin holders - attackers use increasingly complex means of evasion in an attempt to steal user funds.