Security Firm: Cryptocurrency Stealing Malware TrapDoor Actively Targeting Top Three Code Repositories, 34 Malicious Packages Detected

BlockBeats News, May 25th, According to the security company Socket Security, a cryptocurrency theft activity named TrapDoor is conducting an active supply chain attack in software package repositories such as npm, PyPI, and Crates.io. Currently, 34 malicious packages and 384 versions and artifacts have been discovered, and the attacker is continuously pushing new versions across ecosystems.

The article states that TrapDoor mainly targets developers in the cryptocurrency, AI, and security fields, allowing it to steal wallets, SSH keys, cloud credentials, GitHub tokens, browser data, environment variables, and API keys.