TrapDoor malware targets major code repositories; 34 malicious packages detected

A supply chain attack named TrapDoor is actively targeting npm, PyPI, and Crates.io, with 34 malicious packages and 384 versions detected. Socket Security found that the malware steals wallet data, SSH keys, cloud credentials, and API keys, primarily targeting developers in crypto, DeFi, AI, and security. Attackers continuously push new versions, with the fastest detection occurring just 58 seconds after publication. Inflation data and other sensitive information are also at risk.

ChainCatcher report: Security firm Socket Security has disclosed an active supply chain attack named TrapDoor targeting software package repositories such as npm, PyPI, and Crates.io. So far, 34 malicious packages and 384 versions and artifacts have been identified, with attackers continuously pushing new versions across ecosystems. TrapDoor primarily targets developers in the cryptocurrency, DeFi, AI, and security sectors, stealing wallets, SSH keys, cloud credentials, GitHub tokens, browser data, environment variables, and API keys. Socket reported a median time-to-detection of 5 minutes and 27 seconds for malicious versions, with the fastest detection occurring just 58 seconds after publication.
