Security Firm: TrapDoor Crypto Theft Campaign Targets Major Code Repositories

KuCoinFlash

Release Time: 05/25/2026 02:00:07

Summary

A security breach uncovered by Socket Security has revealed a TrapDoor crypto theft campaign targeting major code repositories such as npm, PyPI, and Crates.io. As of May 25, 34 malicious packages and 384 versions have been identified, with attackers deploying new versions across ecosystems. The campaign specifically targets developers in the AI and crypto news, security, and blockchain sectors, stealing wallets, SSH keys, cloud credentials, GitHub tokens, browser data, environment variables, and API keys.

BlockBeats report: On May 25, according to security firm Socket Security, a cryptocurrency theft campaign named TrapDoor is launching active supply chain attacks on software package repositories such as npm, PyPI, and Crates.io. So far, 34 malicious packages and 384 versions and artifacts have been identified, with attackers continuously pushing new versions across ecosystems.

The article states that TrapDoor primarily targets developers in the cryptocurrency, AI, and security fields, capable of stealing wallets, SSH keys, cloud credentials, GitHub tokens, browser data, environment variables, and API keys.

Source:Show original

Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.