Which package repositories were affected?

The malware was embedded across npm, PyPI, and Crates.io repositories, with package names designed to resemble standard development tools and blockchain build helpers.

What credentials were targeted by TrapDoor?

The malware sought to steal SSH keys, cloud credentials, GitHub tokens, browser extension data, API keys, and wallet data from platforms including Coinbase and Binance.

How did TrapDoor evade detection?

Package names were designed to resemble standard development tools, project setup utilities, and prompt engineering packages, allowing the malware to evade detection during routine installation across developer environments.

TrapDoor Malware Campaign Targets Crypto Developers

Q: What is the TrapDoor malware campaign?

TrapDoor is a supply chain attack campaign that deployed more than 34 malicious packages and 384 related versions designed to steal cryptocurrency wallet credentials and developer secrets from crypto builders.

Supply chain attack embedded 34 malicious packages across npm, PyPI, and Crates.io

Security firm Socket detected TrapDoor, a supply chain attack campaign that deployed more than 34 malicious packages and 384 related versions designed to steal cryptocurrency wallet credentials and developer secrets from crypto builders.

The malware embedded hidden instructions in software packages across npm, PyPI, and Crates.io repositories. The attack targeted AI coding assistants Claude and Cursor, manipulating them into executing credential-stealing routines that appeared to be routine security scans.

According to Ahmad Nassri, Chief Technology Officer at Socket, GitHub activity associated with the campaign showed “signs of AI-assisted development, pointing to broad security-themed templates, generic lure repositories, and a mix of partially built extraction ideas alongside working malware components.”

TrapDoor’s package names were designed to resemble standard development tools, project setup utilities, prompt engineering packages, and blockchain build helpers. This naming strategy allowed the malware to evade detection during routine installation across developer environments.

The campaign targeted crypto, DeFi, Solana, and AI developer communities where sensitive credentials and wallet access are common. The malware sought to steal SSH keys, cloud credentials, GitHub tokens, browser extension data, and API keys in addition to wallet data from platforms including Coinbase, Binance, Solana, Sui, Aptos, and MetaMask. The attack also targeted the Brave browser.

Socket published its findings on Sunday following detection of the campaign on Friday. The firm posted a breaking announcement on Twitter on May 24, 2026. The Hacker News published a follow-up report on May 25, 2026.

The TrapDoor detection comes weeks after GitHub reported unauthorized access to internal repositories on May 20, 2026, following compromise of an employee device. The temporal proximity between GitHub’s breach and the emergence of TrapDoor raises questions about potential connections, though the source does not clarify a direct link between the two incidents.

Socket did not specify the exact number of developers affected or compromised by the campaign. The firm also did not disclose whether any wallet funds were actually stolen or if the campaign remained in the detection stage before wider distribution.

The attack demonstrates the vulnerability of open-source supply chains serving cryptocurrency and AI developer communities. Malicious actors leveraged the trust developers place in package repositories and AI-assisted coding tools to distribute credential-stealing malware at scale across three major ecosystems serving different programming languages.

Supply chain attack embedded 34 malicious packages across npm, PyPI, and Crates.io

60 Crypto Execs Urge Senate to Pass Clarity Act With Developer Protections

Crypto Coalition Pushes Senate Floor Vote on CLARITY Act as Odds Sink

Bankman-Fried petitions Trump for pardon despite public refusal