A sophisticated supply chain attack, dubbed TrapDoor, has been identified targeting major package repositories: npm, PyPI, and Crates.io. This campaign involves over 34 malicious packages across more than 384 versions, aiming to steal sensitive information from developers in the cryptocurrency, DeFi, AI, and security sectors.
According to The Hacker News, the attack commenced on May 22, 2026, with new packages being rapidly published across these ecosystems. The malicious packages are designed to exfiltrate developer secrets, including crypto wallets, SSH keys, cloud credentials, GitHub tokens, browser data, and environment variables.
Attack Mechanisms Across Ecosystems
The TrapDoor campaign employs various techniques tailored to each package ecosystem:
- npm: Malicious packages execute a shared payload,
trap-core.js, via postinstall hooks. This script scans for credentials, validates AWS and GitHub tokens, attempts SSH-based lateral movement, and establishes persistence through methods like cron jobs, systemd services, Git hooks, and shell hooks. - PyPI: Packages are designed to auto-execute upon import, downloading and running JavaScript payloads from attacker-controlled domains. This approach allows attackers to update the malicious code post-publication, enhancing flexibility.
- Crates.io: Rust packages utilize build scripts (
build.rs) to execute malicious code during compilation. These scripts search for local keystores, encrypt the data using a hardcoded XOR key, and exfiltrate it to GitHub Gists.
Targeted Developer Communities
The attackers have strategically named the malicious packages to appeal to developers in specific domains. Examples include:
- npm:
eth-wallet-sentinel,defi-threat-scanner,solidity-deploy-guard - PyPI:
eth-security-auditor,defi-risk-scanner - Crates.io:
sui-framework-helpers,move-project-builder
This targeted approach increases the likelihood of these packages being integrated into projects within the cryptocurrency and AI development communities.
Security firm Socket Security has flagged all related packages as malicious and reported them to the respective package registries. The median detection time for these malicious versions was 5 minutes and 27 seconds, with the fastest detection occurring 58 seconds after release.
The TrapDoor attack underscores the evolving sophistication of supply chain attacks, emphasizing the need for developers to exercise caution when incorporating third-party packages. Regularly auditing dependencies and monitoring for unusual behavior are crucial steps in mitigating such threats.
Source: The Hacker News
