Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Moralis

Moralis Vendor Cyber Rating & Cyber Score

moralis.com

Moralis | Fetch, Monitor & Export Crypto Data Moralis is the complete crypto data layer. Fetch blockchain data with our Data APIs, monitor crypto data with Streams, and export massive blockchain datasets with Datashare. Made by developers for developers. Trusted by 150,000+ blockchain builders to scale without cost & complexity. Powering wallets, exchanges, fintechs, DeFi, and analytics platforms


Moralis A.I CyberSecurity Scoring

Moralis
Company Information
Website:https://moralis.com
Employees number:62
Number of followers:13,186
NAICS:5112
Industry Type:Software Development
Homepage:moralis.com
Moralis Risk Score (AI oriented)
Between 700 and 749
logo
MoralisSoftware Development
Updated:
12/06/2026
733/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Moralis Global Score (TPRM)
xxxx
logo
MoralisSoftware Development
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Moralis
MoralisModerate
Current Score
733Ba (MODERATE)
01000
1 incidents
-18 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
733Before Incident
JUNE 2026
751Before Incident
Cyber Attack
12 Jun 2026Moralis
Coinbase, npm and Moralis: Malicious npm Packages Abuse Postinstall Scripts to Steal Ethereum Private Keys and Mnemonic Phrases

Sophisticated npm Supply Chain Attack Targets Blockchain Developers

733After Incident
CRITICAL-18
MORNPMCOI1781267690
Sophisticated npm Supply Chain Attack Targets Blockchain Developers A newly uncovered software supply chain attack has compromised blockchain developers through eleven malicious npm packages, designed to steal cryptocurrency wallet credentials and infiltrate development environments. Discovered by Cyfirma Research, the campaign exploited open-source ecosystems to target Web3 projects and cloud-native infrastructure, amassing over 2.7 million downloads and significantly expanding its reach. The attack employed typosquatting and impersonation tactics, tricking developers into installing packages that mimicked legitimate tools. Three distinct clusters of malicious packages were identified: 1. Coinbase Wallet Utils – Functioned as an information stealer, conducting host reconnaissance and exfiltrating sensitive data to attacker-controlled servers. 2. moralis-sdk – The most downloaded package, containing an obfuscated post-install script that initiated a multi-stage infection chain, downloading and executing remote payloads. 3. Typosquatted packages (e.g., Ganach, Solidity, Stelar-sdk) – Leveraged blockchain-based command-and-control infrastructure to dynamically deploy platform-specific malware. Additionally, an npm user named ethcompat published five malicious packages, including hardhat-deploy-utils and ethers-compat, which harvested deployment credentials, SSH keys, and wallet secrets collectively garnering over 2,200 downloads. The primary attack vector relied on npm post-installation scripts, which executed malicious code automatically upon package installation, requiring no further user interaction. The campaign underscores the growing threat of supply chain attacks in open-source ecosystems, particularly against cryptocurrency and decentralized finance (DeFi) projects. Indicators of compromise (IoCs) include SHA1/SHA256 hashes for malicious packages such as ethers-jss and coinbase-wallet-utils, though attacker-controlled domains and IPs remain defanged to prevent accidental resolution.
INCIDENT DETAILS -
TYPE
Supply Chain Attack
MOTIVATION
Financial gain (cryptocurrency theft), credential harvesting
IMPACT
Data Compromised: Cryptocurrency wallet credentials, deployment credentials, SSH keys, wallet secretsSystems Affected: Development environments, Web3 projects, cloud-native infrastructureOperational Impact: Infiltration of development environments, potential unauthorized access to systemsIdentity Theft Risk: High (wallet credentials, PII)Payment Information Risk: High (cryptocurrency wallet credentials)
DATA BREACH
Cryptocurrency wallet credentialsDeployment credentialsSSH keysWallet secretsSensitivity Of Data: HighData Exfiltration: Yes (to attacker-controlled servers)Personally Identifiable Information: Potentially (wallet credentials, SSH keys)
MAY 2026
751Before Incident
APRIL 2026
751Before Incident
MARCH 2026
751Before Incident
FEBRUARY 2026
751Before Incident
JANUARY 2026
751Before Incident
DECEMBER 2025
751Before Incident
NOVEMBER 2025
751Before Incident
OCTOBER 2025
751Before Incident
SEPTEMBER 2025
751Before Incident
AUGUST 2025
751Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Moralis ?
?
What was Moralis's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Moralis's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Moralis's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Moralis's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Moralis's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Moralis's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Moralis's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Moralis's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Moralis's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Moralis's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Moralis's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Moralis's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Moralis ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Moralis's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?