Researchers flag TrapDoor malware campaign targeting crypto developer environments including Aptos, Sui and Solana
Summary
Socket Security researchers have uncovered "TrapDoor," a malicious software campaign spanning over 34 packages across npm, PyPI, and Crates.io. The malware specifically targets cryptocurrency developer environments, including those used for Aptos, Sui, and Solana development, by masquerading as legitimate development and security tools. Once installed, the malware executes automatically and exfiltrates sensitive data such as SSH keys, AWS credentials, GitHub tokens, and crypto wallet keystores. The campaign uses rapid-deployment tactics to compromise developer machines, posing a high-impact risk despite its low-volume distribution.
(Source: The Block)