Web3 Security Stack Highlights Threat from Malicious NPM Package

TheNewsCrypto | Published 2026-03-10 | Updated 2026-03-10

Summary

Web3 Antivirus has identified a malicious NPM package disguised as an OpenClaw installer that deploys a Remote Access Trojan (RAT) targeting macOS users. The package, once installed, launches a fake CLI installer and prompts for the Keychain password. If provided, it steals sensitive data including seed phrases, browser credentials, wallet information, and SSH keys, sending them to the attacker’s server. Previously, Web3 Antivirus warned about legitimate Chrome extensions—QuickLens and ShotBird—that turned malicious after ownership transfers. These were used to inject malicious scripts and steal user data, including exchange session details and wallet credentials. Looking ahead to 2026, key Web3 security threats include smart contract exploits (due to logic errors and access control issues), phishing, social engineering, wallet drainers, and oracle manipulation. The primary goals of these attacks are data theft and fund draining.

Web3 Antivirus, the Web3 security stack, has highlighted a threat from a malicious NPM package. It earlier flagged a threat from a legitimate Chrome extension. Notably, smart contract exploits and phishing & social engineering are some of the top Web3 security threats to look out for in 2026.

Web3 Security Issue Flagged

Web3 Antivirus has published a post on X to inform the community that a malicious NPM package was caught deploying a RAT. It was disguised as an OpenClaw installer, with the primary objective of stealing macOS credentials. Web3 Antivirus also explained to the community how the attack is carried out.

After a normal installation, the package launches a fake CLI installer. Once launched, it prompts for the macOS Keychain password. Users should not enter it, because once the password is shared, the malware can extract several kinds of information: seed phrases, browser credentials, crypto wallet data, and SSH & cloud keys.

All of this data is sent to the attacker’s server. The incident adds to the different types of threats that Web3 users worldwide are seeing.

Previously Flagged Threat

Web3 Antivirus previously flagged a threat from a legitimate Chrome extension, warning that it was turning malicious after its ownership was transferred. This allows attackers to inject code into web pages and steal a user's data. According to the Web3 security stack, the update removed security headers and fingerprints before pulling malicious scripts from a remote server.

For the crypto community, this can mean theft of exchange sessions, compromised wallets, stolen browser credentials, and seed phrase phishing.

It has named two extensions: QuickLens and ShotBird, adding that they have 7,000 and 800 users, respectively.
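
A defender-side audit for the header removal described above, as an added example that is not from Web3 Antivirus or the original article: scan an extension's rule files for rules that remove or overwrite security response headers. It assumes the extension uses Chrome's `declarativeNetRequest` rulesets, which the article does not state, and the sample rules are constructed.

```javascript
// Response headers whose removal weakens page-level protections.
const SECURITY_HEADERS = new Set([
  "content-security-policy", "content-security-policy-report-only",
  "x-frame-options", "x-content-type-options", "strict-transport-security",
  "cross-origin-opener-policy", "cross-origin-embedder-policy",
]);

// rules: parsed contents of one rules JSON file listed under
// declarative_net_request.rule_resources in the extension's manifest.json.
function findHeaderStripping(rules) {
  const findings = [];
  for (const rule of rules) {
    const action = rule.action || {};
    if (action.type !== "modifyHeaders") continue;
    const touched = (action.responseHeaders || [])
      .map((h) => ({ name: String(h.header).toLowerCase(), op: h.operation }))
      // "remove" drops the header; "set" can replace it with a weaker value.
      .filter((h) => SECURITY_HEADERS.has(h.name) && (h.op === "remove" || h.op === "set"))
      .map((h) => `${h.op}:${h.name}`);
    if (touched.length === 0) continue;
    const cond = rule.condition || {};
    findings.push({
      ruleId: rule.id,
      touched,
      // True when the condition has no URL or domain filter, so it matches every site.
      allSites: !cond.urlFilter && !cond.regexFilter &&
        !cond.requestDomains && !cond.initiatorDomains,
    });
  }
  return findings;
}

// Constructed rules for illustration; not taken from either extension named above.
const SAMPLE_RULES = [
  { id: 1,
    action: { type: "modifyHeaders", responseHeaders: [
      { header: "Content-Security-Policy", operation: "remove" },
      { header: "X-Frame-Options", operation: "remove" }] },
    condition: { resourceTypes: ["main_frame", "sub_frame"] } },
  { id: 2,
    action: { type: "block" },
    condition: { urlFilter: "||ads.example^" } },
  { id: 3,
    action: { type: "modifyHeaders", responseHeaders: [
      { header: "Cache-Control", operation: "set", value: "no-store" }] },
    condition: { urlFilter: "||static.example^" } },
];

console.log(JSON.stringify(findHeaderStripping(SAMPLE_RULES), null, 2));
```

Diffing this output between two versions of the same extension shows whether an update introduced header stripping that the earlier release did not have.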

Top Web3 Security Threats in 2026

Some of the top Web3 security threats in 2026 are smart contract exploits and phishing & social engineering. The former largely pertains to vulnerabilities in code, that is, logic errors, input validation issues, and access control failures.

The latter, as the name suggests, involves making fake calls or impersonating partners to attack users and developers – even founders on some occasions.

Others on the list are wallet drainers, private key manipulation, and price oracle manipulation. The end goal of malicious actors is to steal data and drain funds or negatively impact the system.

Some of the common vulnerabilities are access control failures, logic errors, and unsigned API queries.


Related Questions

Q: What type of malicious software was the NPM package caught deploying, and what was its primary objective?

A: The malicious NPM package was caught deploying a RAT (Remote Access Trojan). Its primary objective was to steal macOS credentials.

Q: What specific user information can the malware extract after obtaining the macOS Keychain password?

A: The malware can extract seed phrases, browser credentials, crypto wallet data, and SSH & cloud keys.

Q: What previously flagged threat did Web3 Antivirus warn about involving a legitimate Chrome extension?

A: Web3 Antivirus warned about a legitimate Chrome extension that turned malicious after ownership was transferred, allowing attackers to inject code into web pages and steal user data.

Q: What are two of the top Web3 security threats highlighted for 2026?

A: Two of the top Web3 security threats for 2026 are smart contract exploits and phishing & social engineering.

Q: What are the names of the two malicious Chrome extensions mentioned, and how many users do they have respectively?

A: The two malicious Chrome extensions are named QuickLens and ShotBird, with 7,000 and 800 users respectively.
