TrapDoor malware targets Solana, Sui, Aptos wallet data

A new crypto-theft campaign is targeting developers who likely have wallet keys, cloud credentials, and production access on their machines. Researchers at security firm Socket reported earlier this week that they identified a supply-chain attack called TrapDoor spreading across three major open-source programming registries. The attack includes more than 34 malicious packages with hundreds of related versions and artifacts.

A key takeaway is that attackers are becoming more focused. Beyond social engineering that targets individuals holding key information, supply-chain attacks are built not to catch random retail users but developers. Those are the very people who may have wallet files, SSH keys, GitHub tokens, cloud credentials, and production access on the same machine they use to build crypto and AI tools.

Socket did not identify specific victims or stolen funds. But the company said the packages were live across npm, PyPI, and Crates.io. These packages contained payloads that could steal wallet data, exfiltrate credentials, test AWS and GitHub tokens, and leave behind files to keep access active.

Boring by design

The packages were programmed in JavaScript, Python, and Rust. They were disguised as developer helpers, security scanners, wallet tools, Solidity utilities, AI prompt packages, and Sui or Move build helpers. The names were intentionally boring: “wallet-security-checker,” “defi-risk-scanner,” “solidity-build-guard,” “move-compiler-tools,” and “llm-context-compressor.” These looked like the kind of small utilities a crypto or AI developer might install without much thought.

Once installed, however, the payloads tried to pull far more than package data. In the npm packages, the malware searched a developer’s machine for private keys, passwords, GitHub tokens, and cloud logins. It also tested some stolen credentials, tried to move into other systems through SSH keys, and left behind files that could keep the infection active.

SSH keys are login files that developers use to access servers, code repositories, and other machines. If stolen, they can let an attacker move from one compromised laptop into a company’s wider infrastructure.

AI tools as attack vectors

The attack also uses files such as .cursorrules and claude.md, which allow developers to give project-specific instructions to AI coding tools. Socket said the campaign planted hidden instructions using zero-width Unicode characters. These appear to try making future AI assistant sessions run fake “security scans” that collected and exfiltrated secrets.

That turned the attack from a normal package stealer into something closer to developer-environment malware. The package install is only the first step. The real target is the workstation: wallets, repos, browser data, cloud keys, SSH access, and whatever AI coding tools read next.

The Rust packages used malicious build.rs scripts to run during compilation, targeting Sui and Move developers. PyPI packages executed remote JavaScript on import. Packages on npm used postinstall hooks.

Socket said it reported the packages to affected registries and classified the campaign packages as malicious. The company also warned that the attacker opened pull requests to AI and developer projects, trying to add .cursorrules and CLAUDE.md files through normal open-source contribution paths.

The post TrapDoor malware targets Solana, Sui, Aptos wallet data appeared first on TheCryptoUpdates.