Group chat : @tonlicioustalk
Channel information updated 05.10.2025.
Year 2077
Gas all in TON 🤣
Tech lead on TON ecosystem Anatoly Makosov reports a successful cyberattack targeting NPM packages, which has caused several popular libraries to become infected. Instructions to check for and fix these infections are now available for all developers in the TON ecosystem.
⚠️ Attack on popular NPM packages — technical details
Summary
A few hours ago, hackers gained access to some NPM accounts and published infected versions of popular libraries.
Many web products use these packages.
Although TON products, apparently, are not at risk, developers of multichain products should check their code, especially if you released something today.
List of compromised versions:
• ansi-styles@6.2.2
• debug@4.4.2
• chalk@5.6.1
• supports-color@10.2.1
• strip-ansi@7.1.1
• ansi-regex@6.2.1
• wrap-ansi@9.0.1
• color-convert@3.1.1
• color-name@2.0.1
• is-arrayish@0.3.3
• slice-ansi@7.1.1
• color@5.0.1
• color-string@2.1.1
• simple-swizzle@0.2.3
• supports-hyperlinks@4.1.1
• has-ansi@6.0.1
• chalk-template@1.1.1
• backslash@0.2.1
Important: only these specific versions are infected. All earlier and later versions are considered safe.
What the infected packages do
• Replace crypto wallet addresses.
• Intercept and redirect crypto transactions in products that use these packages.
Blockchains at risk: Ethereum, Bitcoin, Bitcoin Cash, TRON, Litecoin, Solana.
The TON blockchain is not on the list.
Your web product is at risk if:
• It works with Ethereum, Bitcoin, Bitcoin Cash, TRON, Litecoin, Solana.
and
• You built it a couple of hours ago;
or
• Your dependencies are loaded dynamically, without a fixed version (it is better never to do this).
How to check
Look in package-lock.json for versions and packages from the list above.
If the version of at least one of the specified packages matches a compromised one, the project is infected.
How to fix
Fixes or rollbacks to previous versions have already been published for all packages.
Run npm install and rebuild the project.
Sources
https://jdstaerk.substack.com/p/we-just-found-malicious-code-in-the
https://github.com/chalk/chalk/issues/656#issuecomment-3266900029
https://github.com/debug-js/debug/issues/1005#issuecomment-3266868187
https://github.com/advisories/GHSA-8mgj-vmr8-frr6
https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised