‘TrapDoor’ malware targets crypto dev tools in supply chain attack
Summary
The developer platform Socket has identified an active supply chain attack dubbed "TrapDoor" that targets cryptocurrency and AI developers. The campaign uses over 34 malicious packages across platforms like npm, PyPI, and Crates to steal crypto wallet data, SSH keys, cloud credentials, and GitHub tokens. By masquerading as helpful development utilities, the malware exploits developers' workflows to compromise systems. Furthermore, the malware utilizes AI-assisted techniques to hijack coding assistants like Claude and Cursor, tricking them into executing commands that exfiltrate sensitive information.
(Source: Cointelegraph)