
Mini Shai Hulud Malware Targets Crypto Wallets via npm Packages

The worm specifically targets cryptocurrency wallet files along with cloud credentials, SSH keys, and npm tokens, exfiltrating stolen data through the victim's own GitHub account.

Written by Dhara Chavda
Published 2026-05-12

Blockchain security firm SlowMist has issued a critical threat intelligence alert on “Mini Shai-Hulud,” a self-propagating npm worm that has compromised more than 170 JavaScript packages — including foundational developer tools from TanStack, UiPath, Mistral AI, and DraftLab — to steal cryptocurrency wallets, cloud credentials, and CI/CD secrets at scale.

The alert, classified as severity “Critical” under identifier SM-2026-561840, was published alongside indicators of compromise, including malicious IP addresses and domains (git-tanstack[.]com, seed1[.]getsession[.]org) and a list of compromised package artifacts spanning the @tanstack, @uipath, @mistralai, @squawk, and @draftlab namespaces.

🚨 MistEye TI Alert 🚨

MistEye has detected a highly sophisticated npm worm, "Mini Shai-Hulud," spreading through trusted developer projects like TanStack, UiPath, and DraftLab. The attackers hijacked GitHub credentials to publish malicious, yet seemingly legitimate, package… pic.twitter.com/XPCDyavFtI

— SlowMist (@SlowMist_Team) May 12, 2026

The attack is attributed to the threat group TeamPCP, which has been escalating its supply chain operations since September 2025 — previously compromising Aqua Security’s Trivy vulnerability scanner in March 2026 and the Bitwarden CLI npm package in April 2026.

How the Worm Works

Unlike traditional npm malware that relies on typosquatting — publishing similarly named packages to trick developers — Mini Shai-Hulud hijacks the legitimate build pipeline itself. The attack chain, documented in detail by StepSecurity, Socket, Wiz, and Snyk, exploits a three-step vulnerability chain in GitHub Actions.

First, the attacker created a fork of the TanStack/router repository on May 10 using the GitHub account “voicproducoes,” deliberately renaming it to avoid appearing in fork-list searches. They then opened a pull request that triggered a pull_request_target workflow — a GitHub Actions trigger type that runs with base-repository permissions even for fork PRs — and used it to poison the shared GitHub Actions cache with a malicious pnpm dependency store.

When a legitimate maintainer PR was merged the next day, the release workflow restored the poisoned cache. The malicious code then extracted OIDC tokens directly from the GitHub Actions runner’s process memory and used them to publish malicious versions of the packages through the project’s own release pipeline.

The result: malicious packages published under the real TanStack namespace, from the real build infrastructure, with real cryptographic attestations.
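The workflow shape exploited in the chain above can be checked for mechanically. The following is an added example, not code from StepSecurity, GitHub or TanStack: a heuristic scan of GitHub Actions workflow text for a pull_request_target trigger that checks out the PR head, runs a package install and writes to the shared Actions cache. The two workflow snippets are constructed for the example, not TanStack's real workflow files.

```javascript
// Added example, not StepSecurity's, GitHub's or TanStack's code: a heuristic check of a
// GitHub Actions workflow for the shape behind the TanStack compromise, a pull_request_target
// trigger (base-repo permissions even for fork PRs) that runs the PR's code and writes to the
// shared Actions cache that later release runs restore.
const TRIGGER = /\bpull_request_target\b/;
const PR_HEAD = /github\.event\.pull_request\.head\.(sha|ref)/;
const INSTALL = /\b(pnpm|npm|yarn)\s+(install|ci|i)\b/;
const CACHE = /uses:\s*actions\/cache(?!\/restore)|cache:\s*['"]?(pnpm|npm|yarn)/;

// Returns one finding per risky element seen in the workflow text; [] means not in scope or clean.
function assessWorkflow(yamlText) {
  const findings = [];
  if (!TRIGGER.test(yamlText)) return findings;
  if (PR_HEAD.test(yamlText))
    findings.push("checks out the PR head under pull_request_target: fork code runs with base-repo permissions");
  if (INSTALL.test(yamlText))
    findings.push("runs a package install under pull_request_target: install scripts from the fork execute");
  if (CACHE.test(yamlText))
    findings.push("writes the Actions cache under pull_request_target: a poisoned store can be restored later");
  return findings;
}

// Constructed workflow in the risky shape (not TanStack's actual workflow file).
const RISKY = [
  "on:",
  "  pull_request_target:",
  "    types: [opened, synchronize]",
  "jobs:",
  "  ci:",
  "    runs-on: ubuntu-latest",
  "    steps:",
  "      - uses: actions/checkout@v4",
  "        with:",
  "          ref: ${{ github.event.pull_request.head.sha }}",
  "      - uses: actions/setup-node@v4",
  "        with:",
  "          cache: pnpm",
  "      - run: pnpm install",
].join("\n");

// The same job on the plain pull_request trigger: the fork's code runs with a read-only token,
// and GitHub scopes any cache it writes to the PR's merge ref, so base-branch and release runs
// do not restore it.
const SAFER = RISKY.replace("pull_request_target:", "pull_request:");

for (const wf of [RISKY, SAFER]) console.log(assessWorkflow(wf));
```

Run it over every file under .github/workflows/ to find the trigger combination; a hit is a prompt for review, not proof of compromise, since the regexes do not parse YAML.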

First npm Worm With Valid SLSA Provenance

In what security researchers are calling an unprecedented escalation, the compromised packages carry valid SLSA Build Level 3 provenance attestations — signed statements, produced through Sigstore, that are meant to verify a package was built by a trusted pipeline from a trusted source. This means automated security scanners checking for provenance would have marked the malicious packages as legitimate.

“SLSA provenance confirms which pipeline produced the artifact, not whether the pipeline was behaving as intended,” StepSecurity’s analysis noted. The distinction is critical: if the build pipeline itself is compromised, every downstream trust check fails silently.

This is the first documented npm supply chain attack to produce validly attested malicious packages — a landmark failure of the current provenance verification model.

Crypto Wallets: A Primary Target

The worm’s payload — a heavily obfuscated 2.3 MB JavaScript file disguised as router_init.js — runs using the Bun JavaScript runtime specifically to evade Node.js-based security monitoring tools. Once executed, it aggressively harvests sensitive data from over 100 file paths.

Cryptocurrency assets are a primary target. The malware specifically searches for and exfiltrates wallet files and keys for Bitcoin, Ethereum, Monero, Zcash, Electrum, Exodus, Atomic Wallet, and others. It also targets browser extension data associated with MetaMask and Phantom. Beyond crypto, the payload harvests AWS, Azure, GCP, and Kubernetes credentials, SSH keys, VPN configurations, npm tokens, GitHub PATs, and even AI tool settings.

The stolen data is encrypted using AES-256-GCM and exfiltrated through three redundant channels: a typosquat domain (git-tanstack[.]com), the decentralized Session messenger network, and GitHub API dead drops — repositories created on the victim’s own account with the description “A Mini Shai-Hulud has Appeared.” The GitHub-native exfiltration is particularly insidious, as it blends with normal developer activity.

The Dead Man’s Switch

The worm includes a destructive failsafe mechanism. On developer machines, the malware installs a persistent daemon (via macOS LaunchAgent or Linux systemd) that polls GitHub every 60 seconds to check if stolen tokens are still valid. If it detects that a token has been revoked — a natural first step in incident response — the daemon triggers a destructive routine that attempts to execute rm -rf ~/, wiping the user’s entire home directory.

Security researchers have warned organizations not to revoke tokens until the infected machine is fully isolated, disconnected from the internet, and its drive has been imaged for forensic analysis — a counterintuitive but critical step.

Scale of the Blast Radius

The attack’s impact is enormous. @tanstack/react-router alone has approximately 12 million weekly downloads. Across all compromised namespaces, more than 25,000 repositories tied to hundreds of developers have been affected. The npm team is actively removing malicious versions, and TanStack maintainer Tanner Linsley has confirmed that the team shut down all publishing pipelines while investigating.

Critically, because many of the compromised packages are transitive dependencies, developers may be running the malicious code even if they never directly installed a TanStack package — simply because one of their other tools depends on it.

Socket detected and flagged the compromised artifacts within six minutes of publication. The attack has been assigned CVE-2026-45321.

Why Crypto Developers Are Especially Vulnerable

SlowMist emphasized that developers working on blockchain, DeFi, or Web3 projects are prime targets because their environments frequently store or interact with private keys, seed phrases, wallet.dat files, and signing credentials. A single compromised CI/CD pipeline can lead to drained wallets, unauthorized transactions, or downstream attacks on smart contracts and deployed infrastructure.

This is not a theoretical risk. In previous Shai-Hulud waves, the Trust Wallet team experienced a compromise linked to stolen credentials from the same worm family. The September 2025 npm supply chain attack — which compromised the Chalk package (2 billion weekly downloads) — injected code that replaced cryptocurrency wallet addresses at execution time, though financial losses were limited to approximately $500 due to a fortuitous crash in the attacker’s code.

The Mini Shai-Hulud campaign is significantly more sophisticated, with the self-propagation mechanism, valid provenance attestation, multi-channel exfiltration, and destructive failsafe representing a generational leap in supply chain attack capability.

Recommendations

SlowMist and multiple security firms urge immediate action for anyone who ran npm install on any @tanstack/*, @uipath/*, @mistralai/*, @squawk/*, or @draftlab/* package on or after May 11: treat the install environment as fully compromised. Rotate all credentials — GitHub tokens, npm accounts, cloud keys, SSH keys, and any cryptocurrency wallet seeds or private keys that may have been accessible. Audit CI/CD pipelines for the presence of router_init.js or suspicious preinstall hooks. Monitor for unauthorized GitHub repositories. Do not revoke tokens before isolating and imaging the machine.
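The blast-radius section notes that affected packages often arrive as transitive dependencies, and the recommendations above call for a preinstall-hook audit. The following is an added example, not SlowMist's, Socket's or npm's tooling, that triages a package-lock.json for both: it lists every installed package in the five named scopes, the dependency chain that pulls it in, and whether the lockfile marks it as having install scripts. The sample lockfile and its version strings are constructed.

```javascript
// Added example, not SlowMist's, Socket's or npm's tooling: triage an npm package-lock.json
// (lockfileVersion 2 or 3) for packages in the scopes named in the alert, transitive ones included.
const AFFECTED_SCOPES = ["@tanstack/", "@uipath/", "@mistralai/", "@squawk/", "@draftlab/"];
const ROOT = "(project)"; // stands for the lockfile's "" entry, i.e. your own package.json
const SAMPLE_LOCK = { // constructed sample; version strings are placeholders, not real releases
  lockfileVersion: 3,
  packages: {
    "": { dependencies: { "my-ui-kit": "^1.0.0", "@mistralai/mistralai": "^1.0.0" } },
    "node_modules/my-ui-kit": { version: "1.0.0", dependencies: { "@tanstack/react-router": "^1.0.0" } },
    "node_modules/@tanstack/react-router": { version: "0.0.0-constructed", hasInstallScript: true,
      dependencies: { "@tanstack/router-core": "^1.0.0" } },
    "node_modules/@tanstack/router-core": { version: "0.0.0-constructed" },
    "node_modules/@mistralai/mistralai": { version: "0.0.0-constructed" },
  },
};
const nameFromKey = (key) => (key === "" ? ROOT : key.split("node_modules/").pop()); // nested key -> bare name
function reverseDeps(packages) { // package name -> set of names that depend on it
  const rev = new Map();
  for (const [key, entry] of Object.entries(packages)) {
    for (const dep of Object.keys({ ...entry.dependencies, ...entry.devDependencies, ...entry.optionalDependencies })) {
      if (!rev.has(dep)) rev.set(dep, new Set());
      rev.get(dep).add(nameFromKey(key));
    }
  }
  return rev;
}
// Walk dependents upward until ROOT is reached; null if the entry is orphaned (extraneous).
function chainToRoot(name, rev, seen = new Set()) {
  seen.add(name);
  const parents = rev.get(name) || new Set();
  if (parents.has(ROOT)) return [name, ROOT];
  for (const p of parents) {
    const rest = seen.has(p) ? null : chainToRoot(p, rev, seen);
    if (rest) return [name, ...rest];
  }
  return null;
}
// One finding per package in an affected scope; hasInstallScript is the lockfile's own flag for install hooks.
function findAffected(lock) {
  const packages = lock.packages || {}, rev = reverseDeps(packages), findings = [];
  for (const [key, entry] of Object.entries(packages)) {
    const name = nameFromKey(key);
    if (key === "" || !AFFECTED_SCOPES.some((s) => name.startsWith(s))) continue;
    const chain = chainToRoot(name, rev) || [name];
    findings.push({ name, version: entry.version, direct: chain.length === 2,
      hasInstallScript: entry.hasInstallScript === true, chain: chain.join(" <- ") });
  }
  return findings;
}
```

Point findAffected at JSON.parse of a real package-lock.json to triage a project; a hit does not by itself mean the installed version is one of the malicious releases, which the page does not enumerate, so compare versions against the advisory's list.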

