New Bitcoin Hack - What You Need to Know
A new hack has just been discovered that directly targeted Bitcoin users. Here’s what happened, why it matters, and how to protect yourself.
A new hack has just been discovered that directly targeted Bitcoin users. Here’s what happened, why it matters, and how to protect yourself.
What happened?
On 8 September 2025, a reputable JavaScript developer's npm account was compromised through a sophisticated phishing attack. The hacker was then able to publish malicious versions of several widely-used JavaScript packages, which are fundamental building blocks for countless other applications. These compromised versions contained a "crypto-clipper" that was specifically designed to steal funds from cryptocurrency users, including Bitcoin holders.
More simply put: A software developer's account was hacked, allowing the attacker to change the code in popular programs that are used by many other websites and apps. The new code the hacker introduced would either silently swap your legitimate Bitcoin address for the hacker's address or alter a transaction in your browser before you approve it. This could happen in the background without you noticing, and if you approved the transaction without checking the details, your funds would be sent directly to the hacker.
If you want a more technical explanation, see this blog post:
Charlie Eriksen
How to prevent this:
To prevent this, there are a few key things you can do:
- Use a Hardware Wallet and Always Double-Check the address: A good hardware wallet is your best defense. When you approve a transaction on your hardware device, the device's screen shows you the exact address the funds are being sent to. It is crucial to always verify that the address you see on the hardware wallet's screen is the correct one before you approve the transaction.
- Confirm with the recipient: When you send bitcoin to other users, get them to read out their address verbally or ask them to double check the address they send you. If they are compromised, they might unknowingly give you a compromised address.
- Verify addresses when receiving bitcoin: Whenever you receive bitcoin to your hardware wallet, always double check the address you see on your computer matches the hardware wallet itself. The address you use to receive funds must also appear in your hardware wallet. For example, in Coldcard you need to navigate to "address explorer"
Always follow best practices:
These habits aren’t just for this specific hack - they protect you from a wide range of attacks and you should always be following these practices.
If you’re not 100% confident in your current setup - or want to build an ultra-secure wallet system from scratch - I offer 1-on-1 consulting to make sure your Bitcoin is safe:
