Web3 Security Stack Highlights Threat from Malicious NPM Package

TheNewsCryptoPubblicato 2026-03-10Pubblicato ultima volta 2026-03-10

Introduzione

Web3 Antivirus has identified a malicious NPM package disguised as an OpenClaw installer that deploys a Remote Access Trojan (RAT) targeting macOS users. The package, once installed, launches a fake CLI installer and prompts for the Keychain password. If provided, it steals sensitive data including seed phrases, browser credentials, wallet information, and SSH keys, sending them to the attacker’s server. Previously, Web3 Antivirus warned about legitimate Chrome extensions—QuickLens and ShotBird—that turned malicious after ownership transfers. These were used to inject malicious scripts and steal user data, including exchange session details and wallet credentials. Looking ahead to 2026, key Web3 security threats include smart contract exploits (due to logic errors and access control issues), phishing, social engineering, wallet drainers, and oracle manipulation. The primary goals of these attacks are data theft and fund draining.

Web3 Antivirus, or Web3 security stack, has highlighted a threat from a malicious NPM package. It earlier flagged a threat from a legitimate Chrome extension. Notably, smart contract exploits and phishing & social engineering are some of the top Web3 security threats to lookout for in 2026.

Web3 Security Issue Flagged

Web3 Antivirus has published a post on X to inform the community that a malicious NPM package was caught deploying a RAT. It was disguised as an OpenClaw installer with the primary objective of stealing macOS credentials. Web3 Antivirus has further briefed the community about how the act was being carried out.

The package launches a fake CLI installer after it is installed normally. Once launched, it seeks macOS Keychain password. It is recommended not to do so because once shared, the malware can extract several pieces of information. This includes seed phrases, browser credentials, crypto wallet data, and SSH & cloud keys.

All the pieces find their way to the attacker’s server. Web3, with this, is seeing different types of threats for users worldwide.

Previously Flagged Threat

Web3 Antivirus previously flagged a threat from a legitimate Chrome extension. It warned that it was turning malicious after the ownership was transferred. This allows attackers to inject codes into web pages and steal the data of a user. The update, according to Web3 security stack, removed security headers and fingerprints before pulling malicious scripts from a remote server.

For the crypto community, such an act can turn into a theft for exchange sessions, compromised wallets, browser credentials, and seed phrase phishing.

It has named two extensions: QuickLens and ShotBird, adding that they have 7,000 and 800 users, respectively.

Top Web3 Security Threats in 2026

Some of the top Web3 security threats in 2026 are smart contract exploits and phishing & social engineering. The former largely pertains to vulnerabilities in code. This refers to infusing logic errors, input validation issues, and access control failures.

The latter, as the name suggests, involves making fake calls or impersonating partners to attack users and developers – even founders on some occasions.

Others on the list are wallet drainers, private key manipulation, and price oracle manipulation. The end goal of malicious actors is to steal data and drain funds or negatively impact the system.

Some of the common vulnerabilities are access control failures, logic errors, and unsigned API queries.

Highlighted Crypto News Today:

Nasdaq Collaboration Targets Pan-European Tokenized Securities Trading and Settlement

Domande pertinenti

QWhat type of malicious software was the NPM package caught deploying, and what was its primary objective?

AThe malicious NPM package was caught deploying a RAT (Remote Access Trojan). Its primary objective was to steal macOS credentials.

QWhat specific user information can the malware extract after obtaining the macOS Keychain password?

AThe malware can extract seed phrases, browser credentials, crypto wallet data, and SSH & cloud keys.

QWhat previously flagged threat did Web3 Antivirus warn about involving a legitimate Chrome extension?

AWeb3 Antivirus warned about a legitimate Chrome extension that turned malicious after ownership was transferred, allowing attackers to inject code into web pages and steal user data.

QWhat are two of the top Web3 security threats highlighted for 2026?

ATwo of the top Web3 security threats for 2026 are smart contract exploits and phishing & social engineering.

QWhat are the names of the two malicious Chrome extensions mentioned, and how many users do they have respectively?

AThe two malicious Chrome extensions are named QuickLens and ShotBird, with 7,000 and 800 users respectively.

Letture associate

Bitcoin Must Do This To Continue The Rally, Or It Will Be Over

A crypto analyst known as "Swarmik" has identified 17 key price levels where Bitcoin (BTC) could find support if selling pressure increases. The analysis suggests that BTC's overall outlook remains bullish, and any successful bounce from these levels could drive it back to all-time highs or beyond. The first critical support is at $70,931, followed by levels such as $68,931 (an "Imbalance Zone"), $66,638 (a "Reversal Line"), and $64,491 (a "Psychological Level"). Further down, Fibonacci retracements and other technical zones like "Fair Value Gap" and "Order Block" are highlighted. If the decline continues, lower supports include $51,612 ("Demand Zone") and $49,466 ("Supply Zone"). The analyst warns that a drop below $34,732 would invalidate the bullish structure, potentially ending the rally.

bitcoinist23 min fa

Bitcoin Must Do This To Continue The Rally, Or It Will Be Over

bitcoinist23 min fa

Ethereum Gains Institutional Spotlight – Here’s What The CEO Of Etherealize Has To Say

Ethereum is gaining significant institutional interest, with Etherealize CEO Vivek Raman positioning it alongside Bitcoin as a core institutional asset. Raman highlights ETH's proof-of-stake model, yield potential, and role in tokenized assets and stablecoins as key drivers for its growth. He emphasizes Ethereum's neutrality and trustless nature, making it ideal for global financial infrastructure. Long-term price projections from analysts like Julien CryptoBoost suggest ETH could reach between $12,000 and $38,000 by 2033, supported by growing stablecoin volumes, upcoming upgrades, and institutional adoption. Despite current bearish trends, Ethereum's fundamentals and fee generation indicate strong future potential, with some experts calling it undervalued.

bitcoinist1 h fa

Ethereum Gains Institutional Spotlight – Here’s What The CEO Of Etherealize Has To Say

bitcoinist1 h fa

Cardano Founder Warns XRP Investors, Is Ripple Doing Something Wrong?

Cardano founder Charles Hoskinson has warned XRP investors, claiming Ripple is dumping its XRP holdings to fund business acquisitions without benefiting token holders. He alleges Ripple controls 80% of the supply and uses sales to build Web 2.5 companies, with no buybacks or value distribution to XRP investors. Hoskinson also notes the lack of staking or DeFi mechanisms on XRPL reduces organic demand. Despite Ripple CEO Brad Garlinghouse calling XRP central to their vision, Hoskinson compares Ripple to Tether in accruing value solely for itself. XRP price fell nearly 2% to around $1.40.

bitcoinist3 h fa

Cardano Founder Warns XRP Investors, Is Ripple Doing Something Wrong?

bitcoinist3 h fa

Strategy Surpasses 800K BTC as $2.5B Bitcoin Buying Spree Continues

MicroStrategy, the world's largest public Bitcoin holder, has increased its total holdings to over 815,000 BTC after purchasing an additional 34,164 BTC for approximately $2.54 billion. This acquisition, executed at an average price of $74,395 per bitcoin, is the company's third-largest purchase by coin count. The buying spree, which occurred between April 13 and 19, was primarily funded through the sale of the company's STRC perpetual preferred security. The firm's average purchase price for its entire holdings now stands at $75,527 per bitcoin.

TheNewsCrypto3 h fa

Strategy Surpasses 800K BTC as $2.5B Bitcoin Buying Spree Continues

TheNewsCrypto3 h fa

Shiba Inu Crosses 20,000 Burn Transactions Milestone, Dogecoin Eyes X Money, But Why Are Prices Down?

Shiba Inu has surpassed 20,000 burn transactions, aiming to reduce its large token supply, while Dogecoin gains attention due to speculation about its potential integration into X's payment system, referred to as X Money. Despite these developments, both cryptocurrencies are experiencing downward price trends. Shiba Inu trades around $0.000006, showing short-term declines and limited demand, indicating that burn efforts alone aren't enough to boost prices in a weak market. Similarly, Dogecoin remains around $0.09, far from bullish projections, as market sentiment remains cautious without concrete implementation details. Ecosystem progress is overshadowed by a lack of strong capital inflows and broader crypto market uncertainty.

bitcoinist4 h fa

Shiba Inu Crosses 20,000 Burn Transactions Milestone, Dogecoin Eyes X Money, But Why Are Prices Down?

bitcoinist4 h fa

Trading

Spot

Futures