TrapDoor supply-chain crypto theft hits 34+ malicious packages across npm, PyPI and Crates.io

ME News reported on May 25 (UTC+8) that security firm Socket Security has uncovered a supply-chain attack dubbed TrapDoor. The campaign involves more than 34 malicious packages and 384 related versions distributed via npm, PyPI and Crates.io, with developers in cryptocurrency, DeFi, Solana, Sui, Move and AI among the primary targets. Socket said the malware is designed to exfiltrate sensitive data including SSH keys, wallet information, AWS credentials, GitHub tokens, browser data and environment variables. On npm, affected packages trigger trapcore.js through postinstall hooks. On PyPI, the packages execute remote JavaScript when imported. On Crates.io, the malicious code leverages build.rs to collect local keychain data. Socket has flagged the packages and notified the relevant package registries. (Source: MLion)
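The npm vector described above relies on install-time lifecycle hooks, which run before a developer ever imports the package. As an added example (not Socket's or the campaign's code), the Python script below audits extracted package.json manifests for such hooks; the two manifests are constructed, and the package names are hypothetical.

```python
"""Audit npm package manifests for install-time lifecycle hooks.

Constructed example: the TrapDoor npm packages launched trapcore.js from a
postinstall hook, so this check lists every install-time script a
package.json declares, regardless of what the script is called.
"""
import json
from typing import Dict, List

# npm runs these scripts automatically during `npm install`, i.e. before any
# code from the package has been imported or reviewed by the developer.
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")


def install_hooks(manifest: Dict) -> List[str]:
    """Return 'hook: command' entries for every install-time script."""
    scripts = manifest.get("scripts") or {}
    return [f"{hook}: {scripts[hook]}" for hook in INSTALL_HOOKS if hook in scripts]


def audit_manifests(manifests: Dict[str, Dict]) -> Dict[str, List[str]]:
    """Map package name -> install hooks, omitting packages that declare none."""
    findings = {}
    for name, manifest in manifests.items():
        hooks = install_hooks(manifest)
        if hooks:
            findings[name] = hooks
    return findings


# Constructed manifests (hypothetical package names, not real registry data):
# the first mimics the pattern the article describes, the second is benign.
SAMPLE_MANIFESTS = {
    "hypothetical-sui-sdk-helper": json.loads(
        '{"name": "hypothetical-sui-sdk-helper", "version": "1.0.3",'
        ' "scripts": {"postinstall": "node trapcore.js", "test": "jest"}}'
    ),
    "harmless-utils": json.loads(
        '{"name": "harmless-utils", "version": "2.1.0",'
        ' "scripts": {"test": "mocha"}}'
    ),
}

if __name__ == "__main__":
    for pkg, hooks in audit_manifests(SAMPLE_MANIFESTS).items():
        print(f"[!] {pkg} runs code at install time:")
        for entry in hooks:
            print("    ", entry)
```

Any package flagged this way deserves a look at the referenced script before installation; npm's `--ignore-scripts` option disables these hooks outright, and in CI that is a reasonable default for dependencies that do not need native build steps.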