Supply Chain Attack: 'TrapDoor' Malicious Software Infiltrates Cryptocurrency Developer Platforms
Security platform Socket has uncovered malware named TrapDoor that is specifically designed to compromise cryptocurrency and artificial intelligence developers through npm, PyPI and Crates repositories, with the objective of extracting crypto wallet credentials and browser information.
A sophisticated supply chain attack campaign is currently underway, specifically designed to compromise developers working in the cryptocurrency and artificial intelligence sectors with the intention of exfiltrating digital assets, sensitive information, or authentication credentials, according to developer security platform Socket.
In a security advisory published on Sunday, Socket revealed that the malicious software operation, which the company has named "TrapDoor," was initially identified on Friday. The campaign has successfully distributed over 34 compromised packages along with 384 associated versions, with threat actors continuously releasing updated iterations across multiple software ecosystems.
According to Socket, TrapDoor specifically focuses on developers involved in cryptocurrency, decentralized finance, artificial intelligence, and cybersecurity projects, exfiltrating sensitive information including wallet credentials, Secure Shell (SSH) cryptographic keys, cloud platform credentials, GitHub authentication tokens, browser extension information, and application programming interface keys.
The malicious code additionally focuses on widely-used cryptocurrency wallet applications, encompassing Coinbase, Binance, Solana, Sui, Aptos, and MetaMask, while also targeting the Brave web browser, according to Socket's chief technology officer Ahmad Nassri in a statement released on Sunday.
According to Nassri, the malicious software embeds concealed commands designed to "hijack your AI coding assistant," with specific focus on Claude and Cursor platforms. "The goal appears to be to trick AI assistants into running a 'security scan' or similar workflow that causes secret discovery and exfiltration," Socket said.
Developers working in cryptocurrency and artificial intelligence fields have progressively become high-value targets as threat actors have been distributing compromised packages into developer-focused "app stores," with the knowledge that developers will incorporate them into their standard development processes, frequently without conducting proper security verification.
The TrapDoor campaign specifically focuses on widely-utilized developer repositories including npm (node package manager), which serves as the package repository for JavaScript and Node.js developers, the programming language that powers the majority of modern websites and web-based applications.
The malware was additionally discovered in PyPI, which serves as the corresponding package repository for Python programmers, a language extensively utilized in data science, artificial intelligence applications, and automation workflows, as well as Crates, which fulfills the same function for developers working with the Rust programming language.
According to Socket, the names of the malicious packages have been deliberately designed to resemble "development helpers, project setup tools, model routing utilities, prompt engineering packages, Solidity tooling, and Sui or Move build helpers," making them appear legitimate to developers.
"This gives the campaign broad reach across adjacent developer communities where crypto wallets, cloud credentials, GitHub tokens, and SSH keys are likely to be present," it added.
According to Socket, the developer collaboration platform GitHub has been leveraged to distribute the compromised packages, with the attack campaign displaying characteristics consistent with artificial intelligence assistance.
"The GitHub activity shows signs of rapid, AI-assisted-style iteration: broad security-themed scaffolding, generic lure repositories, prompt-injection documentation, and partially implemented extraction concepts mixed with working malware components."
GitHub itself experienced a security breach on May 20 when the company disclosed unauthorized access to its internal code repositories resulting from the compromise of an employee's computing device.