The Nomic Foundation's Hardhat platform was targeted by a supply chain attack in which attackers published malicious npm packages that imitated Hardhat plugins. The packages were downloaded more than one thousand times and were designed to steal private keys and sensitive configuration data from Ethereum developers. Such theft can lead to compromised development environments, potential backdoors in production systems, and substantial financial losses. The stolen information was encrypted and sent to attacker-controlled endpoints. The impact on the Ethereum development community is significant, and it potentially extends to the DeFi ecosystem that relies on secure smart contract implementation.
Source: https://securityaffairs.com/172671/malware/malicious-npm-packages-target-ethereum-developers.html
TPRM report: https://scoringcyber.rankiteo.com/company/nomic-foundation
{
  "id": "nom000010825",
  "linkid": "nomic-foundation",
  "type": "Cyber Attack",
  "date": "1/2025",
  "severity": "100",
  "impact": "5",
  "explanation": "Attack threatening the organization’s existence"
}
{'affected_entities': [{'industry': 'Blockchain/Cryptocurrency',
                        'name': 'Nomic Foundation',
                        'type': 'Organization'}],
 'attack_vector': 'Malicious npm packages',
 'data_breach': {'data_encryption': 'Yes',
                 'data_exfiltration': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Private keys',
                                              'Sensitive configuration data']},
 'description': "The Nomic Foundation's Hardhat platform was attacked via supply chain exploitation, in which attackers utilized malicious npm packages imitating Hardhat plugins. These packages were downloaded more than one thousand times, aiming to steal private keys and sensitive configuration data from Ethereum developers. Such data theft could lead to compromised environments, potential backdoors in production systems, and substantial financial losses. The stolen information was encrypted and sent to attacker-controlled endpoints, making the impact profound on the Ethereum development community and potentially the DeFi ecosystem that relies on secure smart contract implementation.",
 'impact': {'data_compromised': ['Private keys',
                                 'Sensitive configuration data']},
 'initial_access_broker': {'backdoors_established': 'Potential',
                           'entry_point': 'npm packages',
                           'high_value_targets': 'Ethereum developers'},
 'motivation': 'Financial gain, Data theft',
 'title': "Supply Chain Attack on Nomic Foundation's Hardhat Platform",
 'type': 'Supply Chain Attack',
 'vulnerability_exploited': 'Trust in npm packages'}