Urgent warning about malicious npm package attacking Atomic and Exodus wallets. Users advised to inspect and update their software.
A malicious package named ‘pdf-to-office’ has been identified in the npm repository targeting the encryption wallets of Atomic and Exodus. When installed on a user’s system, this package identifies specific versions of these wallets and replaces their original files with infected versions. As a result, users’ transactions are redirected to addresses belonging to attackers. This attack continues even after removing the npm package and can only be resolved by completely uninstalling and reinstalling the wallets. Users of these wallets should immediately inspect their software and update or reinstall it if necessary.
