TrapDoor Malware Campaign Infiltrates Developer Supply Chains to Target Crypto and AI Projects

TLDR

• Cybersecurity company Socket identified a sophisticated malware operation dubbed “TrapDoor” that distributed 34 compromised packages throughout npm, PyPI, and Crates development platforms
• The malicious campaign focuses on developers working in cryptocurrency, decentralized finance, artificial intelligence, and cybersecurity sectors to extract wallet information, SSH credentials, cloud access tokens, and API authentication keys
• Among the targeted crypto platforms are Coinbase, Binance, Solana, MetaMask, and Brave browser wallet functionality
• TrapDoor employs a novel technique by embedding malicious prompts that manipulate AI-powered coding tools like Claude and Cursor, deceiving them into executing fraudulent “security assessments”
• The distribution platform GitHub experienced its own security breach on May 20 when threat actors gained unauthorized access following the compromise of an employee’s workstation

A sophisticated malware operation is infiltrating the software development supply chain, embedding malicious code within packages that programmers working on cryptocurrency and artificial intelligence projects regularly incorporate into their applications.

Cybersecurity researchers at Socket released comprehensive findings on Sunday documenting the attack campaign, which they designated “TrapDoor.” According to Socket’s timeline, the initial discovery occurred on Friday. Within that brief window, threat actors had successfully deployed over 34 compromised packages alongside 384 associated versions distributed throughout multiple developer repository platforms.

TrapDoor’s Malicious Capabilities

The malware operates as a data exfiltration tool engineered to capture confidential information. Its scope encompasses cryptocurrency wallet credentials, secure shell authentication keys, cloud infrastructure access tokens, GitHub personal access tokens, browser extension information, and application programming interface keys.

Ahmad Nassri, serving as Socket’s chief technology officer, verified that the malware specifically pursues numerous prominent cryptocurrency wallet platforms. The targeted list encompasses Coinbase, Binance, Solana, Sui, Aptos, and MetaMask. Additionally, the Brave browser’s integrated wallet features are included in the attack scope.

A particularly innovative element distinguishes TrapDoor from conventional malware. The operation plants concealed directives within AI-powered development assistants, particularly targeting Claude and Cursor. These embedded instructions manipulate the tools into executing what masquerades as a legitimate security audit, subsequently causing the AI assistant to locate and transmit confidential information while the developer remains completely unaware.

The compromised packages infiltrated three primary developer package ecosystems. These platforms include npm, the standard repository for JavaScript and Node.js development communities; PyPI, extensively utilized across data science, machine learning, and automation projects; and Crates, serving the Rust programming language developer base.

Attack Methodology and Distribution

The malicious package nomenclature was crafted to mimic legitimate development resources. Socket’s analysis revealed they were engineered to impersonate common development utilities, project initialization frameworks, model routing libraries, and compilation tools for Solidity, Sui, and Move blockchain platforms.

This strategic disguise provides the campaign with extensive reach across developer communities regularly engaging with cryptocurrency wallet integration, cloud infrastructure management, and GitHub collaboration workflows.

Socket’s investigation identified indicators suggesting artificial intelligence assistance in the campaign’s execution. The GitHub repositories exhibited characteristics including extensive security-focused framework structures, generic decoy repositories, and prompt-injection reference materials integrated with functional malware elements.

GitHub served as a primary distribution channel for the compromised packages. Notably, the platform had previously disclosed a distinct security incident on May 20, involving unauthorized penetration of internal code repositories following the successful compromise of a staff member’s computing device.

Socket documented that the median time to detection for malicious package versions stood at 5 minutes and 27 seconds. The most rapid identification occurred merely 58 seconds following a package’s publication.

This attack exemplifies an escalating pattern of malicious actors introducing contaminated packages into developer repositories, exploiting the reality that programmers frequently install dependencies as standard workflow procedures, typically without rigorous security vetting.

Socket has refrained from attributing TrapDoor to any particular threat actors or organized cybercriminal groups. At the time of publication, the campaign remained operationally active.

The post TrapDoor Malware Campaign Infiltrates Developer Supply Chains to Target Crypto and AI Projects appeared first on Blockonomi.