A coordinated software supply chain attack is targeting crypto and AI developers with more than 34 malicious packages designed to steal credentials and digital assets. The campaign, dubbed “TrapDoor” by the developer platform Socket, was first detected on May 22 and spans the npm, PyPI, and Crates.io open-source package registries.
"TrapDoor targets developers in crypto, DeFi, Solana, and AI communities," Socket said in a report published Sunday. "The malicious packages are designed to steal developer secrets, crypto wallets, SSH keys, cloud credentials, browser data, and environment variables."
The malware campaign is notable for its multi-platform approach, using different attack methods for each ecosystem. On npm, it uses postinstall hooks to execute a credential-stealing payload. The Python packages on PyPI are designed to fetch and run remote JavaScript on import, while the Rust packages on Crates.io use malicious build.rs scripts to find and exfiltrate local keystores. The attack specifically targets wallets for Sui, Solana, and Aptos, among others.
The operation also reveals a novel threat vector that attempts to hijack AI coding assistants. Attackers submitted pull requests to popular AI projects like LangChain and Langflow, adding hidden instructions in configuration files such as .cursorrules and CLAUDE.md. Socket said the goal appears to be tricking the AI tools into running fake "security scans" that would discover and exfiltrate secrets from a developer's environment, showing how attackers are evolving to target modern developer workflows.
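As an added defender-side example (not Socket's tooling and not code from the campaign), the script below audits an unpacked package directory for the indicators the report names: npm install lifecycle hooks, a build.rs inside a Cargo crate, network access at Python import time, and the presence of AI assistant rule files such as .cursorrules or CLAUDE.md. `build_sample` writes a constructed, inert layout that trips every check; the regex and file names are assumptions chosen for illustration.

```python
import json
import re
import tempfile
from pathlib import Path

# Indicators named in the article: npm install hooks, build.rs in a crate,
# network access at Python import time, and AI assistant rule files.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall")
NET_AT_IMPORT = re.compile(r"\b(urlopen|requests\.(get|post)|http\.client)\b")
AI_CONFIG_FILES = (".cursorrules", "CLAUDE.md")


def audit_package_dir(root: str) -> list[str]:
    """Return review findings for one unpacked package directory."""
    base = Path(root)
    findings = []
    # npm: lifecycle scripts run automatically during `npm install`.
    pkg_json = base / "package.json"
    if pkg_json.is_file():
        scripts = json.loads(pkg_json.read_text()).get("scripts", {})
        for hook in LIFECYCLE_HOOKS:
            if hook in scripts:
                findings.append(f"npm {hook} hook: {scripts[hook]}")
    # Cargo: build.rs is compiled and run on the developer's machine at build time.
    if (base / "Cargo.toml").is_file() and (base / "build.rs").is_file():
        findings.append("cargo: crate ships a build.rs that runs at build time")
    # PyPI: code in __init__.py executes on a plain `import`, so network calls there are suspect.
    for init in base.rglob("__init__.py"):
        if NET_AT_IMPORT.search(init.read_text()):
            findings.append(f"python: import-time network call in {init.relative_to(base)}")
    # AI assistant rule files carry instructions the assistant may act on; review them by hand.
    for name in AI_CONFIG_FILES:
        if (base / name).is_file():
            findings.append(f"ai-config: {name} present, review its instructions")
    return findings


def build_sample() -> str:
    """Write a constructed, inert package layout that trips every check (hypothetical)."""
    d = Path(tempfile.mkdtemp())
    (d / "package.json").write_text(json.dumps({"scripts": {"postinstall": "node setup.js"}}))
    (d / "Cargo.toml").write_text('[package]\nname = "sample"\nversion = "0.1.0"\n')
    (d / "build.rs").write_text("fn main() {}\n")
    (d / "pkg").mkdir()
    (d / "pkg" / "__init__.py").write_text("from urllib.request import urlopen  # constructed\n")
    (d / ".cursorrules").write_text("# constructed sample rules file\n")
    return str(d)
```

Run `audit_package_dir` against a vendored dependency or a freshly downloaded tarball before installing it; every finding is a prompt for manual review, not a verdict.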