Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist
The worm exposed Trust Wallet’s Developer GitHub secrets, allowing attackers to publish a backdoor extension and steal funds from 2,520 wallets. The post Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist appeared first on SecurityWeek.
The Shai-Hulud 2.0 self-replicating worm that hit the NPM registry in late November was responsible for the recent $8.5 million heist from cryptocurrency wallet Trust Wallet.
The theft came to light on December 25, when Trust Wallet announced that hackers targeted customers using version 2.68 of its Chrome browser extension.
In an incident post-mortem, the cryptocurrency wallet revealed that hackers published the malicious versions of the extension on December 24, and that all users who logged into their accounts between December 24 and 26 using the extension were affected.
Source: https://www.securityweek.com/shai-hulud-supply-chain-attack-led-to-8-5-million-trust-wallet-heist/
Related breach coverage
- Bitwarden NPM Package Hit in Supply Chain Attack2026-04-24
Tied to a fresh Checkmarx supply chain attack claimed by TeamPCP, the incident references the Shai-Hulud worm. The post Bitwarden NPM Package Hit in Supply Chain Attack appeared first on SecurityWeek.
- 640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack2025-11-25
The new self-replicating worm iteration has destructive capabilities, erasing home directory contents if it cannot spread to more repositories. The post 640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack appeared first on SecurityWeek.
- New ‘Sandworm_Mode’ Supply Chain Attack Hits NPM2026-02-24
The malicious code propagates like a worm, poisons AI assistants, exfiltrates secrets, and contains a destructive dead switch. The post New ‘Sandworm_Mode’ Supply Chain Attack Hits NPM appeared first on SecurityWeek.
- Autonomous AI Agents Provide New Class of Supply Chain Attack2026-02-23
While this campaign targets crypto wallets and steals money, the methodology has far wider potential that could be used by other attackers. The post Autonomous AI Agents Provide New Class of Supply Chain Attack appeared first on SecurityWeek.