Deepfake case study · Multi-modal
Users who downloaded the @kodane/patch-manager npm package, specifically those with Solana…
A malicious npm package, @kodane/patch-manager, was generated using AI and contained a cryptocurrency wallet drainer targeting Solana funds. The package was uploaded to npm by a user named "Kodane" on July 28, 2025,…
- Incident date
- Aug 2025
- Target
- Users who downloaded the @kodane/patch-manager npm package, specifically those with Solana wallets
Updated May 6, 2026 · 1 min read
A malicious npm package, @kodane/patch-manager, was generated using AI and contained a cryptocurrency wallet drainer targeting Solana funds. The package was uploaded to npm by a user named "Kodane" on July 28, 2025, and downloaded over 1,500 times before being removed. It used a postinstall script to install the wallet drainer and steal cryptocurrency from compromised users.