Nomic Foundation

The Nomic Foundation's Hardhat platform was attacked via supply chain exploitation, in which attackers utilized malicious npm packages imitating Hardhat plugins. These packages were downloaded more than one thousand times, aiming to steal private keys and sensitive configuration data from Ethereum developers. Such data theft could lead to compromised environments, potential backdoors in production systems, and substantial financial losses. The stolen information was encrypted and sent to attacker-controlled endpoints, making the impact profound on the Ethereum development community and potentially the DeFi ecosystem that relies on secure smart contract implementation.

Source: https://securityaffairs.com/172671/malware/malicious-npm-packages-target-ethereum-developers.html

"id": "nom000010825",
"linkid": "nomic-foundation",
"type": "Cyber Attack",
"date": "1/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"