A developer injected malicious code into a popular JavaScript library

A cybercriminal who gained access to a popular JavaScript library injected malicious code into it that steals Bitcoin and Bitcoin Cash funds stored in BitPay Copay wallets. The malicious code was discovered last week, but only yesterday did researchers work out what exactly the obfuscated code does. The library in question is Event-Stream, which downloaded the malicious content.

This is an extremely popular library, with more than two million weekly downloads. However, about three months ago, the author of Event-Stream transferred the library to another developer, Right9ctrl. Thanks to a vigilant user, it was established that Right9ctrl immediately introduced malicious code into the project. The malicious component was seen in Event-Stream 3.3.6.

According to users on Twitter, GitHub and Hacker News, the malicious code stays in a state of "hibernation" until it is used inside the source code of Copay (the desktop and mobile wallet application developed by the BitPay platform).

Once the malicious code gets into Copay, it will steal all user information, including private keys, and send it to on port 8080.
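A defender's check for the version named above, as an added example that is not code from the article or from the Event-Stream project: it walks a parsed `package-lock.json` (both the nested `dependencies` tree and the flat `packages` map) and lists every dependency path that pins Event-Stream 3.3.6. The sample lockfiles and the `build-tool` package name are constructed for illustration.

```javascript
// Added example. The flagged name/version come from the article; the sample
// lockfiles and the "build-tool" package are constructed for illustration.
const FLAGGED = { name: "event-stream", version: "3.3.6" };

// Returns sorted dependency paths that pin the flagged version.
function findFlagged(lock, flagged = FLAGGED) {
  const hits = new Set();
  // lockfileVersion 2/3: flat "packages" map keyed by install path.
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const parts = path.split("node_modules/").filter(Boolean)
      .map((s) => s.replace(/\/$/, ""));
    if (parts.length === 0) continue; // "" is the root project itself
    const name = meta.name || parts[parts.length - 1];
    if (name === flagged.name && meta.version === flagged.version) {
      hits.add(parts.join(" > "));
    }
  }
  // lockfileVersion 1 (and the legacy section of v2): nested tree.
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const here = [...trail, name];
      if (name === flagged.name && meta.version === flagged.version) {
        hits.add(here.join(" > "));
      }
      walk(meta.dependencies, here); // transitive copies nested below
    }
  };
  walk(lock.dependencies, []);
  return [...hits].sort();
}

// Constructed lockfile in the nested (v1) layout: safe copy at top level,
// flagged copy pulled in transitively.
const sampleV1 = { lockfileVersion: 1, dependencies: {
  "event-stream": { version: "3.3.4" },
  "build-tool": { version: "1.0.0",
    dependencies: { "event-stream": { version: "3.3.6" } } },
} };
// Constructed lockfile in the flat (v3) layout.
const sampleV3 = { lockfileVersion: 3, packages: {
  "": { name: "demo-app", version: "0.0.1" },
  "node_modules/event-stream": { version: "3.3.6" },
  "node_modules/build-tool": { version: "1.0.0" },
} };

console.log(findFlagged(sampleV1));
console.log(findFlagged(sampleV3));
```

To check a real project, pass `JSON.parse(fs.readFileSync("package-lock.json", "utf8"))` to `findFlagged`; an empty result only means this one version is not pinned in that lockfile.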