Web3 Security Stack Highlights Threat from Malicious NPM Package

TheNewsCryptoОпубликовано 2026-03-10Обновлено 2026-03-10

Введение

Web3 Antivirus has identified a malicious NPM package disguised as an OpenClaw installer that deploys a Remote Access Trojan (RAT) targeting macOS users. The package, once installed, launches a fake CLI installer and prompts for the Keychain password. If provided, it steals sensitive data including seed phrases, browser credentials, wallet information, and SSH keys, sending them to the attacker’s server. Previously, Web3 Antivirus warned about legitimate Chrome extensions—QuickLens and ShotBird—that turned malicious after ownership transfers. These were used to inject malicious scripts and steal user data, including exchange session details and wallet credentials. Looking ahead to 2026, key Web3 security threats include smart contract exploits (due to logic errors and access control issues), phishing, social engineering, wallet drainers, and oracle manipulation. The primary goals of these attacks are data theft and fund draining.

Web3 Antivirus, or Web3 security stack, has highlighted a threat from a malicious NPM package. It earlier flagged a threat from a legitimate Chrome extension. Notably, smart contract exploits and phishing & social engineering are some of the top Web3 security threats to lookout for in 2026.

Web3 Security Issue Flagged

Web3 Antivirus has published a post on X to inform the community that a malicious NPM package was caught deploying a RAT. It was disguised as an OpenClaw installer with the primary objective of stealing macOS credentials. Web3 Antivirus has further briefed the community about how the act was being carried out.

The package launches a fake CLI installer after it is installed normally. Once launched, it seeks macOS Keychain password. It is recommended not to do so because once shared, the malware can extract several pieces of information. This includes seed phrases, browser credentials, crypto wallet data, and SSH & cloud keys.

All the pieces find their way to the attacker’s server. Web3, with this, is seeing different types of threats for users worldwide.

Previously Flagged Threat

Web3 Antivirus previously flagged a threat from a legitimate Chrome extension. It warned that it was turning malicious after the ownership was transferred. This allows attackers to inject codes into web pages and steal the data of a user. The update, according to Web3 security stack, removed security headers and fingerprints before pulling malicious scripts from a remote server.

For the crypto community, such an act can turn into a theft for exchange sessions, compromised wallets, browser credentials, and seed phrase phishing.

It has named two extensions: QuickLens and ShotBird, adding that they have 7,000 and 800 users, respectively.

Top Web3 Security Threats in 2026

Some of the top Web3 security threats in 2026 are smart contract exploits and phishing & social engineering. The former largely pertains to vulnerabilities in code. This refers to infusing logic errors, input validation issues, and access control failures.

The latter, as the name suggests, involves making fake calls or impersonating partners to attack users and developers – even founders on some occasions.

Others on the list are wallet drainers, private key manipulation, and price oracle manipulation. The end goal of malicious actors is to steal data and drain funds or negatively impact the system.

Some of the common vulnerabilities are access control failures, logic errors, and unsigned API queries.

Highlighted Crypto News Today:

Nasdaq Collaboration Targets Pan-European Tokenized Securities Trading and Settlement

TagsWeb3

Связанные с этим вопросы

QWhat type of malicious software was the NPM package caught deploying, and what was its primary objective?

AThe malicious NPM package was caught deploying a RAT (Remote Access Trojan). Its primary objective was to steal macOS credentials.

QWhat specific user information can the malware extract after obtaining the macOS Keychain password?

AThe malware can extract seed phrases, browser credentials, crypto wallet data, and SSH & cloud keys.

QWhat previously flagged threat did Web3 Antivirus warn about involving a legitimate Chrome extension?

AWeb3 Antivirus warned about a legitimate Chrome extension that turned malicious after ownership was transferred, allowing attackers to inject code into web pages and steal user data.

QWhat are two of the top Web3 security threats highlighted for 2026?

ATwo of the top Web3 security threats for 2026 are smart contract exploits and phishing & social engineering.

QWhat are the names of the two malicious Chrome extensions mentioned, and how many users do they have respectively?

AThe two malicious Chrome extensions are named QuickLens and ShotBird, with 7,000 and 800 users respectively.

Похожее

UK House Of Lords Urges BoE To Ease Stablecoin Rules Over Competitiveness Concerns

The UK House of Lords has urged the Bank of England (BoE) to revise its proposed stablecoin regulations, warning that overly strict rules could harm the country's competitiveness. While supporting core principles like 1:1 backing, a parliamentary committee criticized specific proposals. These include a requirement for issuers to hold 40% of reserves as non-interest-bearing bank deposits and suggested caps on individual and corporate holdings. The committee argued these measures create operational burdens, hinder the growth of pound-based stablecoins, and could cause the UK to fall behind other jurisdictions with clearer regimes. The report follows industry pressure, and the BoE has indicated openness to easing its "overly conservative" plans, with final rules expected soon.

bitcoinist29 мин. назад

UK House Of Lords Urges BoE To Ease Stablecoin Rules Over Competitiveness Concerns

bitcoinist29 мин. назад

Casper Launches AI Toolkit for Autonomous Agents and Builders

The Casper Association has launched the Casper AI Toolkit, described as the most extensive AI offering on any Layer 1 blockchain. This toolkit enables AI agents to function as both autonomous economic actors and independent builders. As economic actors, agents can conduct micropayments in seconds via the x402 protocol, allowing them to pay for API calls and services directly without human intervention or traditional billing systems. They can also interact with the Casper network using the Model Context Protocol (MCP) for tasks like querying balances and executing DeFi transactions through natural language. As builders, AI agents can use the Odra Framework and CSPR.build Agent Skills to autonomously design, test, and deploy smart contracts from concept to mainnet, without human assistance. This creates a closed-loop "machine economy" where AI agents can both build services and pay to use services built by other agents. The release is the first major project from the Casper Manifest, a multi-year technological plan. The Casper Association is supporting adoption with a $150,000 "Agentic Buildathon" for developers, featuring sponsored transaction fees. Future development includes account abstraction to give agents their own on-chain identities and spending rights.

TheNewsCrypto38 мин. назад

Casper Launches AI Toolkit for Autonomous Agents and Builders

TheNewsCrypto38 мин. назад

SpaceX, OpenAI, Anthropic: The Three AI Giants Racing for IPO, Which One Is Worth Betting On?

SpaceX, OpenAI, and Anthropic are poised for historic IPOs within weeks, potentially raising a combined $180 billion—a sum exceeding the entire internet bubble's fundraising. The hosts of the Limitless Podcast argue this isn't just individual company financing but an unprecedented capital concentration for AI infrastructure, driven by an insatiable need for compute, data centers, power, and chips. SpaceX's IPO is notable for reportedly changing market index rules to allow faster inclusion, potentially funneling trillions in passive retirement funds into its stock, despite its unproven space-based data center business model. In contrast, Anthropic demonstrates explosive growth, with ARR reportedly hitting $45 billion and approaching profitability, fueled by strong enterprise adoption of products like Claude Code. Google's separate $80 billion raise highlights the immense capital pressure, even for giants. The discussion acknowledges bubble risks but leans optimistic. The hosts contend the massive spending is building essential physical infrastructure for the next technological era. A key bottleneck isn't capital but the real-world limits of chip manufacturing and construction speed. As long as demand for AI compute outstrips supply, this investment cycle represents a foundational build-out rather than a purely financial bubble. All three companies are seen as foundational bets on the future, with Anthropic often cited as the most immediately compelling due to its proven revenue trajectory.

marsbit2 ч. назад

SpaceX, OpenAI, Anthropic: The Three AI Giants Racing for IPO, Which One Is Worth Betting On?

marsbit2 ч. назад

From 'Old Guys' to 'New Favorites': How AI Is Revaluing Old Infrastructure from Dell to Nokia?

From "Vintage Tech" to "New AI Darlings": How AI Revalues Old Infrastructure One year ago, tech giants like Dell, Nokia, Cisco, and Western Data were seen as slow-growth, low-valuation stories, far from the AI spotlight dominated by players like Nvidia. Now, these legacy tech stocks are gaining market attention, sparking debate on whether this is genuine industry revaluation or a temporary narrative. As AI moves from model parameters to real-world data centers, the market is recognizing companies with proven delivery and infrastructure capabilities. This shift marks a change in the AI investment thesis: from pure model and GPU focus to the complex systems engineering required for deployment. Companies like Dell, HPE, and Corning are being revalued not for being "sexy" AI innovators, but for their decades of accumulated expertise in supply chains, enterprise delivery, and infrastructure—assets that have become critical in the AI buildout phase. The revaluation is unfolding across three key infrastructure lines: 1. **Servers & System Integration:** Dell and HPE are emerging as crucial system integrators or "general contractors" for AI data centers, translating GPU orders into complete, deployable server racks integrated with power, cooling, and networking. 2. **Networking & Connectivity:** AI's scale demands robust high-speed connections. Corning (fiber optics), Nokia (AI-RAN, 6G), and Cisco (data center switches) are gaining importance for enabling efficient data transfer within and between AI clusters. 3. **Storage:** Beyond high-speed memory (HBM/DRAM), the AI data explosion is driving demand for high-capacity hard drives (HDDs) from companies like Western Digital and Seagate to handle training data, logs, and cold storage cost-effectively. For this revaluation to be substantive and not just a narrative, three criteria are key: 1) Concrete AI-related order and revenue growth (e.g., Dell's AI server sales), 2) Upward revisions to company financial guidance, and 3) Sustainable improvements in profit quality, not just top-line revenue spikes. In essence, AI's transition to a real construction phase is re-pricing "old assets" against "new demand." The opportunity, however, is selective. Only those legacy firms that are demonstrably integrated into the capital expenditure chains of data center and enterprise AI deployment are likely to experience a true "logic re-rating" rather than just a temporary valuation bounce.

marsbit2 ч. назад

From 'Old Guys' to 'New Favorites': How AI Is Revaluing Old Infrastructure from Dell to Nokia?

marsbit2 ч. назад

The Merger of Codex and ChatGPT Marks the Beginning of a Major Reshuffle in Programming Tools

OpenAI is shifting its strategic focus from ChatGPT to Codex, merging them along with the browser tool Atlas into a unified desktop super-app. This move signals an internal belief that Codex, originally a programming tool, represents the next evolution of AI more than conversational models like ChatGPT. Over the past year, Codex's weekly active users have surged past 5 million. The key distinction is that while ChatGPT answers questions, Codex executes tasks. Enterprises increasingly value this ability to get work done over simply receiving advice. Consequently, Codex is attracting professionals beyond developers, including analysts, bankers, marketers, and product managers. OpenAI's reorganization and increased investment in Codex stem from recognizing that the future of AI competition lies in execution capabilities, not just conversation. The company is launching role-specific plugins (e.g., for data analysis, sales, design) to transform Codex into a broad knowledge work platform that automates and redefines white-collar workflows. Beyond being a tool, Codex reflects OpenAI's ambition to redefine software. New features like "Sites"—which generates interactive websites from documents—and collaborative "Annotations" aim to create a paradigm where the AI understands the goal and handles the tools and steps, functioning more like a digital colleague than traditional software. The ultimate goal is a unified experience where the user cares only about the completed task.

marsbit2 ч. назад

The Merger of Codex and ChatGPT Marks the Beginning of a Major Reshuffle in Programming Tools

marsbit2 ч. назад

Торговля

Спот
Фьючерсы
活动图片

Популярные категорииright-arrow

Популярные тегиright-arrow