Cybersecurity researchers have uncovered a malicious npm package called nodejs-smtp that stealthily injects code into cryptocurrency wallet applications like Atomic and Exodus. This campaign demonstrates how simple dependencies can be exploited to modify desktop apps and divert digital assets.
Key points
- The npm package nodejs-smtp impersonates a legitimate email library to avoid suspicion.
- It exploits Electron tools to modify wallet app files and inject malicious payloads.
- The main goal is to redirect cryptocurrency transactions by overwriting recipient addresses.
- The package functions as a drop-in SMTP mailer, maintaining its harmless appearance during testing.
- This attack method demonstrates how dependencies can be exploited to compromise desktop cryptocurrency wallets.
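Because a package like this can arrive as a transitive or aliased dependency, a defender's first check is whether the name appears anywhere in the resolved tree. The following is an added example, not code from the report: it scans a parsed `package-lock.json` (lockfile versions 1 to 3) for the package name given above. The sample lockfiles, the names `mail-helper`, `mailer` and `wallet-tools`, and the version strings are constructed placeholders.

```javascript
// Added example: find a blocklisted package anywhere in a parsed package-lock.json.
const BLOCKLIST = new Set(["nodejs-smtp"]); // package name from the report

// Install paths look like "node_modules/a/node_modules/b"; the name is the last segment.
function nameFromPath(path) {
  const marker = "node_modules/";
  const i = path.lastIndexOf(marker);
  return i === -1 ? path : path.slice(i + marker.length);
}

// lockfileVersion 2/3: flat "packages" map. "name" is set when the install is aliased.
function scanPackagesMap(packages, hits) {
  for (const [path, meta] of Object.entries(packages)) {
    if (path === "") continue; // root project entry
    const name = meta.name || nameFromPath(path);
    if (BLOCKLIST.has(name)) hits.push({ name, version: meta.version, via: path });
  }
}

// lockfileVersion 1: nested "dependencies" tree. Aliases appear as "npm:<name>@<version>".
function scanDependencyTree(deps, trail, hits) {
  for (const [key, meta] of Object.entries(deps || {})) {
    const alias = /^npm:(.+)@[^@]+$/.exec(meta.version || "");
    const name = alias ? alias[1] : key;
    const via = [...trail, key].join(" > ");
    if (BLOCKLIST.has(name)) hits.push({ name, version: meta.version, via });
    scanDependencyTree(meta.dependencies, [...trail, key], hits);
  }
}

function findBlocked(lock) {
  const hits = [];
  if (lock.packages) scanPackagesMap(lock.packages, hits);
  else scanDependencyTree(lock.dependencies, [], hits);
  return hits;
}

// Constructed sample lockfiles (versions are placeholders, not from the report).
const sampleV3 = { lockfileVersion: 3, packages: {
  "": { name: "wallet-tools" },
  "node_modules/left-pad": { version: "1.3.0" },
  "node_modules/mail-helper/node_modules/nodejs-smtp": { version: "0.0.0-example" },
  "node_modules/mailer": { name: "nodejs-smtp", version: "0.0.0-example" },
} };
const sampleV1 = { lockfileVersion: 1, dependencies: {
  "mail-helper": { version: "2.0.0", dependencies: {
    "nodejs-smtp": { version: "0.0.0-example" } } },
  "mailer": { version: "npm:nodejs-smtp@0.0.0-example" },
} };

console.log(findBlocked(sampleV3), findBlocked(sampleV1));
```

To check a real project, pass `findBlocked` the result of `JSON.parse` on the project's `package-lock.json`. A hit shows only that the package was resolved into the tree, not whether a wallet application on the machine was modified.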
Read More: https://thehackernews.com/2025/09/malicious-npm-package-nodejs-smtp.html