Largest npm hack leaves crypto shaken

Reading time: 5 minutes

News | Crypto Converter | Crypto Calculators

npm supply-chain breach targets ETH and SOL flows, but theft stays tiny

Key points:

• A compromised npm maintainer account pushed malicious updates into widely used JavaScript packages, attempting to reroute crypto transactions.

• Despite the scale, on-chain takings were minimal so far, with researchers citing amounts under $50 and one malicious ETH address identified.

News - A large software supply-chain incident hit the JavaScript ecosystem after a prolific npm maintainer known as “qix” was phished, giving attackers credentials to republish popular packages with a crypto-focused payload. The injected code attempted to hijack transactions by detecting wallet contexts, swapping recipient addresses, and intercepting network calls. Security teams now face the costly work of auditing builds and rolling back to safe versions, even as the attacker’s direct gains appear small.

How the payload worked - Researchers say the malware checked for browser wallet contexts and modified Ethereum calls such as approve, permit, transfer, and transferFrom, redirecting flows to a single wallet. For Solana, it overwrote recipients with an invalid string that broke transfers. It also hijacked fetch and XMLHttpRequest to scan JSON and replace addresses with look-alikes from a hardcoded set.

Scope and impact - Warnings noted that affected packages have billions of weekly downloads across the ecosystem. Yet on-chain findings show only a few cents in ETH and about twenty dollars of an illiquid memecoin initially, later updated to less than fifty dollars total, tied to a single ETH address beginning 0xFc4a48. Hardware-wallet advocates stressed clear signing and independent screens.

Mitigation signals - Browser wallet teams reported they were not affected, citing version locking and defenses such as sandboxing and automated flagging. Experts said only specific versions of 18 packages were compromised and that rollbacks are available. Guidance includes freezing dependencies, reverting to clean versions, reinstalling, and rebuilding. Some developers advised delaying on-chain actions until projects confirm they have purged the bad packages.

Why it matters - One phished maintainer briefly put countless apps at risk, underscoring how deeply open-source dependencies touch crypto. The low haul does not reduce the structural risk that supply-chain compromises pose to wallets, dapps, and exchanges.

U.S. Bitcoin reserve plans ripple through markets, rivals, and investors

Key points:

• A House bill would require Treasury to deliver a 90-day feasibility and custody plan for a Strategic Bitcoin Reserve.

• Global reactions and new retail and institutional products underscore Bitcoin’s evolution into both a reserve asset and market instrument.

News - The U.S. is moving closer to formalizing a federal Bitcoin reserve. A House appropriations bill would direct the Treasury to produce a 90-day plan covering feasibility, custody, cybersecurity, interagency transfers, and accounting for government-held digital assets. Analysts suggest these standards could set benchmarks that shape industry practices far beyond Washington.

Macro backdrop - The push comes against a weakening dollar. U.S. job openings, ADP employment, and nonfarm payrolls all fell short of expectations in August, while ISM data remained soft. The euro closed near 1.1700 after touching 1.1759, its highest since July, highlighting the dollar’s fragility in global markets.

Market sentiment - Analyst Tom Lee projected Bitcoin could climb to $200,000 by year-end, pointing to anticipated Fed rate cuts and the cryptocurrency’s tendency to rally in fourth quarters. The September FOMC meeting is now seen as a crucial turning point.

Global view - Russia offered a stark critique. Presidential adviser Anton Kobyakov accused Washington of using stablecoins and gold to shift part of its $35 trillion debt burden, labeling it an “unfair tactic.” Moscow is preparing a ruble-backed stablecoin on Tron to reduce reliance on dollar-linked settlement networks.

Retail adoption - Retail momentum is also building. EasyJet founder Stelios Haji-Ioannou launched EasyBitcoin, a low-fee app with bonuses and yields, designed to normalize Bitcoin trading for the mass market. He said Trump’s second election had made Bitcoin “completely mainstream.”

Institutional products - Wall Street is not standing still. Cantor Fitzgerald unveiled a gold-protected Bitcoin fund targeting high-net-worth clients, offering 45% of Bitcoin’s upside over five years while using gold exposure to safeguard principal.

Why it matters - From Capitol Hill to Moscow, from retail apps to institutional funds, Bitcoin is being reframed as both a strategic reserve and a mainstream investment tool, reflecting its growing role across policy, geopolitics, and markets.

Trump Media ties Truth Social rewards to Cronos as $105M CRO deal fuels surge

Key points:

• Truth Social’s new “gems” can be converted into Cronos (CRO) through Crypto.com’s wallet infrastructure, sending CRO up nearly 7%.

• Trump Media has acquired 684.4 million CRO tokens worth $105 million, representing about 2% of the circulating supply.

News - Trump Media and Technology Group rolled out a major update to Truth Social this week, connecting its digital rewards program directly to cryptocurrency. Premium subscribers to the Patriot Package can now earn “Truth gems” through platform activities, which can be converted into Cronos (CRO) via Crypto.com’s wallet system. The move shifts the company away from earlier plans for a proprietary token, opting instead to integrate an established asset.

CRO responded with a near 7% price jump to $0.2782 following the announcement. Analysts note the added exposure could extend CRO’s role beyond its blockchain ecosystem into Trump Media’s mix of social media, streaming, and fintech services.

Trump Media’s CRO treasury - The update coincides with Trump Media’s acquisition of 684.4 million CRO tokens, worth roughly $105 million, from Crypto.com. The stash represents around 2% of the token’s circulating supply and will be custodied by the exchange, with plans to stake for yield. Analysts warn that such large-scale holdings risk creating artificial scarcity and volatility.

Platform upgrades - Alongside the rewards integration, Truth Social introduced new features for users: editing and scheduling posts, server-side drafts, group titles, and improved AI-powered search.

Why it matters - Trump Media’s strategy positions CRO at the intersection of politics, social media, and crypto investment. By coupling user rewards with a sizable treasury bet, the company is testing whether corporate token accumulation can drive long-term value or spark volatility in a market still sensitive to concentrated ownership.

Christie’s folds NFT unit into contemporary sales as art market contracts

Key points:

• Christie’s will continue selling digital art, including NFTs, inside its broader 20th and 21st Century Art category after closing its standalone NFT department.

• The shift arrives amid declining art sales and staff cuts, while NFT market metrics show mixed recovery signs.

News - British auction house, Christie’s, is winding down its dedicated NFT department and moving digital art sales into its contemporary categories. A spokesperson described it as a strategic reformatting, with the auction house confirming it will keep offering digital works without a standalone unit. Reports say two roles were eliminated, including the vice president of digital art, while at least one digital art specialist remains on staff.

The decision follows a period of high-profile Web3 activity at Christie’s, including the record $69.3 million Beeple sale in March 2021 and the launch of its on-chain platform in 2022. Analysts and advisors link the restructuring to a broader market slowdown. The Art Basel and UBS Art Market Report 2025 estimated global art sales fell 12 percent in 2024 to $57 billion, with auction house revenues down 20 percent to $23 billion.

Industry reactions - Digital art adviser Fanny Lakoubay said auction houses cannot justify a separate digital unit when it lags other categories. Collector Benji argued the issue is business model fit, pointing to high commission rates versus Web3-native, lower fee platforms.

Market pulse - NFT metrics have been choppy. Sources cite a rebound to roughly $9.3 billion market cap in August and a current level near $5.97 billion, with modest gains across top collections. In a parallel signal, OpenSea announced a $1 million reserve to acquire culturally relevant NFTs, beginning with CryptoPunk #5273.

Why it matters - Christie’s is not exiting digital art. Folding NFTs into core departments reflects how auction houses are recalibrating during a slower cycle while Web3 platforms test alternative fee and distribution models. The next phase may hinge on whether primary market development and new on-ramps can convert interest into sustainable secondary demand.

More stories from the crypto ecosystem

• Is Ethereum overstretched? Bulls eye $6K DESPITE revenue slipping by 22%

• HSBC, ICBC enter Hong Kong’s stablecoin race amid new rules – Details

• Why is crypto going up today? Fed rate cut bets, ETF inflows & more…

• Bitcoin’s retail takeover – Here’s why BTC whales are backing off!

• Metaplanet boosts Bitcoin reserves to $2.08B with latest $15.2M buy!

Interesting facts

• Argentina’s President Javier Milei faced over 100 criminal complaints after promoting the $LIBRA memecoin, which quickly collapsed, racking up ~$251 million in investor losses and triggering a scandal now dubbed “Cryptogate.”

• In the first half of 2025, global crypto thefts surged past $2.17 billion, surpassing the total stolen in all of 2024. High-profile breaches at exchanges like ByBit and CoinDCX played central roles.

• Gemini, the Winklevoss-founded crypto exchange, is going public on Nasdaq under the ticker “GEMI”, raising up to $317 million, and Nasdaq will invest $50 million and integrate Gemini’s custody and staking services into its institutional platform.

Fact-based news without bias awaits. Make 1440 your choice today.

Overwhelmed by biased news? Cut through the clutter and get straight facts with your daily 1440 digest. From politics to sports, join millions who start their day informed.

Sign up now!

Top 3 coins of the day

Celestia (TIA)

Key points:

• TIA climbed to $1.92, marking an 11.5% gain in the past 24 hours.

• The price closed above the upper Bollinger Band, while the Squeeze Momentum Indicator showed fading bearish pressure.

What you should know:

Celestia surged from $1.68 to $1.94 before closing at $1.92, supported by a sharp uptick in volume of 11.97M tokens. The breakout above the upper Bollinger Band highlighted strong bullish momentum, while shrinking red bars on the Squeeze Momentum Indicator suggested waning downside pressure. Key support now lies near the mid-Bollinger level of $1.68, with immediate resistance at the $1.94–$2.00 zone. Beyond the technicals, sentiment was boosted by the Celestia Foundation’s $62.5M buyback from Polychain in late July, which reduced near-term token unlock pressure. Optimism also stems from the upcoming Lotus upgrade, which aims to slash inflation from 5% to 0.25% and reform staking incentives. Traders are now watching if TIA can sustain closes above $1.80 to maintain upward momentum, with a decisive move over $2.00 potentially opening room for further gains.

Mantle (MNT)

Key points:

• MNT traded at $1.28 after climbing 8.59% in the last 24h, closing near the session’s high of $1.30.

• The 9-day SMA acted as support at $1.16, while the Elliott Wave Oscillator showed green bars, though with easing strength.

What you should know:

Mantle sustained its uptrend as price held firmly above the 9-day SMA, with intraday volume at 305K reflecting solid market participation. The Elliott Wave Oscillator stayed green but indicated softening momentum, suggesting buying pressure persisted but at a slower pace. Resistance is visible at $1.30, with the all-time high zone of $1.50–$1.51 as the next hurdle, while $1.16 serves as immediate support. On the catalyst front, MNT continued to draw attention following its Coinbase International Futures launch on August 21, which broadened access for institutional traders. Retail demand was also boosted by Bybit’s campaigns offering 36% APR and $250K in rewards, driving inflows and exchange dominance in MNT’s trading volume. Together, these factors contributed to the sustained bullish sentiment.

NEAR Protocol (NEAR)

Key points:

• NEAR traded at $2.75 after climbing 6.95% in the last 24h, closing near the day’s high of $2.79.

• The Parabolic SAR flipped bullish below the candles, while the MACD histogram stayed positive, confirming upward momentum.

What you should know:

NEAR extended its gains as price pushed toward $2.80, backed by strong trading volume of 12.64M. The MACD maintained a bullish crossover with positive histogram growth, while Parabolic SAR dots stayed below the candles, signaling continued buyer strength. Resistance sits at $2.88, with $2.57 providing immediate support. On the catalyst side, NEAR’s August upgrade halved annual token inflation from 5% to 2.5%, easing sell-side pressure. At the same time, ecosystem growth has been fueled by AI and DeFi adoption, with projects driving hundreds of millions in usage volume. Broader market dynamics also supported the rally, as capital rotated into altcoins amid a dip in Bitcoin dominance, lifting NEAR alongside peers.