Market Capitalization:2 575 678 386 071,3 USD
Vol. in 24 hours:64 190 316 887,33 USD
Dominance:BTC 60,06%
ETH:9,87%
Market Capitalization:2 575 678 386 071,3 USD
Vol. in 24 hours:64 190 316 887,33 USD
Dominance:BTC 60,06%
ETH:9,87%
Market Capitalization:2 575 678 386 071,3 USD
Vol. in 24 hours:64 190 316 887,33 USD
Dominance:BTC 60,06%
ETH:9,87%
Market Capitalization:2 575 678 386 071,3 USD
Vol. in 24 hours:64 190 316 887,33 USD
Dominance:BTC 60,06%
ETH:9,87%
Market Capitalization:2 575 678 386 071,3 USD
Vol. in 24 hours:64 190 316 887,33 USD
Dominance:BTC 60,06%
ETH:9,87%
Market Capitalization:2 575 678 386 071,3 USD
Vol. in 24 hours:64 190 316 887,33 USD
Dominance:BTC 60,06%
ETH:9,87%
Market Capitalization:2 575 678 386 071,3 USD
Vol. in 24 hours:64 190 316 887,33 USD
Dominance:BTC 60,06%
ETH:9,87%
Market Capitalization:2 575 678 386 071,3 USD
Vol. in 24 hours:64 190 316 887,33 USD
Dominance:BTC 60,06%
ETH:9,87%
Market Capitalization:2 575 678 386 071,3 USD
Vol. in 24 hours:64 190 316 887,33 USD
Dominance:BTC 60,06%
ETH:9,87%
Market Capitalization:2 575 678 386 071,3 USD
Vol. in 24 hours:64 190 316 887,33 USD
Dominance:BTC 60,06%
ETH:9,87%
Yes
>>A security firm warns that TrapDoor malware is aimed at crypto and AI developers via open-source packages.

A security firm warns that TrapDoor malware is aimed at crypto and AI developers via open-source packages.

crypthub
A security firm warns that TrapDoor malware is aimed at crypto and AI developers via open-source packages.

Threat Overview

TrapDoor is a malware campaign that injects malicious code into popular npm and PyPI packages. It targets developers in cryptocurrency, DeFi, and AI who download these seemingly legitimate dependencies. Once installed, the payload acts as an info‑stealer, exfiltrating MetaMask, Phantom, SSH keys, and GitHub tokens. The stolen credentials enable attackers to seize digital assets and compromise source repositories.

Impact on Developers

Open‑source libraries are a core building block for crypto and AI applications, creating trust that attackers exploit. Compromised wallet extensions can lead to direct loss of cryptocurrency holdings. Hijacked SSH and GitHub tokens allow further code injection and theft of intellectual property. The incident highlights a broader supply‑chain risk where a single infected dependency can trigger financial and reputational damage.

Mitigation Recommendations

Developers should verify package integrity, lock exact versions, and run automated security scans on all new dependencies. Employ hardware wallets for crypto keys and enable multi‑factor authentication on GitHub accounts. Regularly audit dependency trees and limit unnecessary third‑party packages. Maintaining these practices reduces exposure to TrapDoor and similar supply‑chain threats.