{"id":97438,"date":"2026-05-25T14:00:45","date_gmt":"2026-05-25T11:00:45","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=97438"},"modified":"2026-05-25T14:05:13","modified_gmt":"2026-05-25T11:05:13","slug":"socket-uncovers-supply-chain-attack-on-cryptocurrency-and-ai-developers","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/socket-uncovers-supply-chain-attack-on-cryptocurrency-and-ai-developers\/","title":{"rendered":"Socket Uncovers Supply Chain Attack on Cryptocurrency and AI Developers"},"content":{"rendered":"<p>The platform Socket has reported a supply chain attack targeting developers of cryptocurrencies and AI systems, aimed at stealing digital assets and data.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">\ud83d\udea8 BREAKING: Active supply chain attack across npm, PyPI, and Crates.\u200bio.<\/p>\n<p>Socket detected TrapDoor, a crypto stealer campaign hitting 34 malicious packages and 384 versions and artifacts, with attackers repeatedly pushing new releases across ecosystems.<\/p>\n<p>TrapDoor targets\u2026 <a href=\"https:\/\/t.co\/0CI758NJ6T\">pic.twitter.com\/0CI758NJ6T<\/a><\/p>\n<p>\u2014 Socket (@SocketSecurity) <a href=\"https:\/\/twitter.com\/SocketSecurity\/status\/2058565153138844043?ref_src=twsrc%5Etfw\">May 24, 2026<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>On May 22, the firm identified a malicious campaign named TrapDoor. The attack involved more than 34 malicious packages and 384 associated versions. The perpetrators repeatedly released new variations across different ecosystems.<\/p>\n<p>The malware targets developers of cryptocurrencies, <a href=\"https:\/\/forklog.com\/en\/news\/what-is-decentralised-finance-defi\">DeFi<\/a>, AI, and security systems. It steals wallet data, cloud service accounts, browser extensions, <span data-descr=\"special digital access keys that allow programs, scripts, IDEs, CI\/CD systems, or other services to work with GitHub on behalf of a user or application\" class=\"old_tooltip\">GitHub tokens<\/span>, as well as <span data-descr=\"cryptographic keys for secure login to servers and services without a regular password\" class=\"old_tooltip\">SSH<\/span> and <span data-descr=\"application programming interface\" class=\"old_tooltip\">API<\/span> keys.<\/p>\n<p>The attack includes popular cryptocurrency wallets such as Coinbase, Binance, Solana, Sui, Aptos, and MetaMask, as well as the Brave web browser.<\/p>\n<h2 class=\"wp-block-heading\">Technical Details<\/h2>\n<p>The software embeds hidden instructions to &#8220;capture AI programming assistants&#8221; like Claude and Cursor.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;The goal is to trick <span data-descr=\"large language model\" class=\"old_tooltip\">LLM<\/span> assistants into running a &#8216;security scan&#8217; or a similar workflow that leads to the discovery and theft of secret information,&#8221; Socket reported.<\/p>\n<\/blockquote>\n<p>TrapDoor specifically targets popular developer resources like <span data-descr=\"Node Package Manager \u2014 the standard package manager for the JavaScript ecosystem\" class=\"old_tooltip\">npm<\/span>, <span data-descr=\"Python Package Index \u2014 the official centralized online repository where developers share, find, and download open-source Python software.\" class=\"old_tooltip\">PyPI<\/span>, and <span data-descr=\"packages\/libraries in the Rust language ecosystem\" class=\"old_tooltip\">Crates<\/span>.<\/p>\n<p>Some npm packages installed a common module that searched for developers&#8217; secret data. Attempts to establish persistence in the system through scheduler tasks, services, and autostart mechanisms were recorded.<\/p>\n<p>In Rust packages, a search for local key stores was detected, followed by data transmission via <span data-descr=\"a mini-page on GitHub for storing and publishing small text or code snippets\" class=\"old_tooltip\">GitHub Gists<\/span>. In Python packages, code was loaded from an external domain and executed via Node.js, allowing behavior changes without publishing a new version.<\/p>\n<p>Socket recommends considering environments with such packages installed as potentially compromised, changing keys and tokens, and checking the system for persistence mechanisms. Simply removing the software component is insufficient.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;The names of the malicious modules are crafted to appear as developer helpers, project setup tools, model routing utilities, prompt engineering packages, solutions for Solidity, or assistants for building Sui and Move,&#8221; Socket experts explained.<\/p>\n<\/blockquote>\n<p>GitHub was used to distribute the malicious packages. The attack was carried out using AI.<\/p>\n<p>The service itself was <a href=\"https:\/\/t.me\/forklogAI\/7159\">hacked<\/a> on May 20, with hackers gaining access to 3,800 internal repositories.<\/p>\n<p>In May, Anthropic published its <a href=\"https:\/\/forklog.com\/en\/news\/anthropic-reveals-10000-critical-vulnerabilities-in-project-glasswings-initial-report\">first report<\/a> on Project Glasswing \u2014 a vulnerability search program using the Claude Mythos model.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Socket reported a supply chain attack targeting cryptocurrency and AI developers, aimed at stealing digital assets and data.<\/p>\n","protected":false},"author":1,"featured_media":97439,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"Socket reported a supply chain attack on cryptocurrency and AI developers.","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[438,44,1111],"class_list":["post-97438","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-artificial-intelligence","tag-cybercrime","tag-cybersecurity"],"aioseo_notices":[],"amp_enabled":true,"views":"21","promo_type":"1","layout_type":"1","short_excerpt":"Socket reported a supply chain attack on cryptocurrency and AI developers.","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/97438","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=97438"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/97438\/revisions"}],"predecessor-version":[{"id":97440,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/97438\/revisions\/97440"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/97439"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=97438"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=97438"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=97438"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}