Key Takeaways
- TrapDoor is a malware campaign targeting Aptos, Sui, and Solana developers through fake open-source packages in npm, PyPI, and Crates.io.
- Over 34 malicious packages and 384+ infected versions were found, disguised as blockchain tools, DeFi utilities, AI helpers, and dev libraries.
- The goal was credential theft, including SSH keys, crypto wallets, GitHub tokens, AWS access, browser secrets, and API keys.
A newly discovered malware campaign known as “TrapDoor” is targeting developers building on major crypto networks, including Aptos, Sui, and Solana.
Researchers at Socket Security found more than 34 malicious packages planted across the npm, PyPI, and Crates.io registries, all designed to quietly compromise developer machines and steal sensitive credentials.
The campaign left a wide footprint, with over 384 malicious versions and artifacts hidden inside what appeared to be everyday blockchain tools, DeFi utilities, AI assistants, and security libraries. Some packages were pulled down before the report went public, but others were still live and downloadable at the time of publication.
Developers Were the Main Target
Researchers said the attackers specifically targeted crypto and AI developers because their systems often contain highly valuable assets, including wallet seed phrases, SSH keys, API credentials, GitHub tokens, and cloud access credentials.
Several malicious Rust packages reportedly impersonated tooling associated with the Sui ecosystem, including names such as “sui-framework-helpers,” “sui-move-build-helper,” and “move-analyzer-build.”
The malware used multiple infection techniques depending on the programming ecosystem. Researchers said the packages leveraged:
- npm postinstall hooks
- Python import triggers
- Rust build.rs scripts
These mechanisms enabled the malware to execute automatically once developers compiled or installed the infected packages.
SSH Keys and Wallet Credentials Were the Primary Targets
Behind the campaign was a clear objective: steal credentials. Once TrapDoor found its way in, it targeted some of the most valuable data a developer’s machine can hold, including:
- SSH private keys
- Crypto wallet credentials
- Browser-stored secrets
- GitHub authentication tokens
- AWS and cloud credentials
- API keys
All harvested data was quietly sent to attacker-controlled infrastructure, often without any visible sign of compromise.
Researchers highlighted why developers make such high-value targets. Unlike regular users, their machines typically carry direct access to production systems, treasury wallets, CI/CD pipelines, and infrastructure management tools, making a single successful infection far more damaging than it might first appear.
AI Tools May Have Been Part of the Attack
The report also revealed a more unsettling side to the campaign. Researchers found evidence that attackers attempted to manipulate AI coding assistants, including Claude and Cursor, via hidden prompt injections embedded in repositories and development workflows.
Some repositories tied to the operation also showed signs that the attackers themselves used AI: fake lure repositories and bogus security documentation were produced at a speed and volume that suggested automation.
This points to a shift in how these attacks are built. Threat actors are no longer just exploiting package registries. They are now mixing in AI-assisted tricks and automated tooling to move faster and reach more targets.
Crypto Supply Chain Attacks Continue to Rise
TrapDoor is just the latest in a growing wave of attacks hitting open-source ecosystems used by crypto developers. Over the past few months alone, researchers have uncovered similar campaigns that use malicious npm packages, compromised libraries, and dependency hijacking to target crypto wallets and developer tools.
It is not hard to see why developers keep getting targeted. One compromised machine can give attackers a way into smart contracts, validator infrastructure, exchange integrations, and treasury wallets. In crypto, that kind of access can mean millions.
Developers Warned to Review Their Tools and Libraries
In response to the campaign, security firms are calling on developers across crypto, DeFi, and AI to take a closer look at what is running in their environments. Their recommendations include:
- Audit third-party dependencies carefully
- Avoid installing unverified packages
- Pin trusted package versions
- Rotate credentials immediately if suspicious packages were installed
- Monitor CI/CD environments for unusual activity
Beyond the basics, researchers also pointed to dependency monitoring and supply-chain security tools as a practical first line of defense, helping teams catch suspicious package behavior before it ever reaches deployment.
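The infection mechanisms described above (npm postinstall hooks) and the pinning advice in the recommendations can both be checked locally. The following Python script is an added example, not code from the Socket report or the article: it flags npm manifests that declare install-time lifecycle scripts and dependencies whose version spec is a range or tag rather than an exact version. The package names in the sample manifest are constructed for illustration.

```python
import json
import os
import re

# Lifecycle scripts that npm runs automatically during `npm install`.
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")
# Exact semver (optionally with prerelease/build); anything else is a range, tag or URL.
EXACT_VERSION = re.compile(r"^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$")

def install_hooks(manifest: dict) -> dict:
    """Return {hook: command} for every auto-run lifecycle script in a manifest."""
    scripts = manifest.get("scripts") or {}
    return {hook: scripts[hook] for hook in INSTALL_HOOKS if hook in scripts}

def unpinned_dependencies(manifest: dict) -> list:
    """Dependency names whose spec is not an exact version (^1.2.0, latest, git URLs)."""
    found = []
    for field in ("dependencies", "devDependencies", "optionalDependencies"):
        for name, spec in (manifest.get(field) or {}).items():
            if not EXACT_VERSION.match(str(spec).strip()):
                found.append(name)
    return found

def audit_tree(root: str) -> list:
    """Walk root/node_modules and return [(name, {hook: command})] for packages with hooks."""
    findings = []
    for dirpath, _dirs, files in os.walk(os.path.join(root, "node_modules")):
        if "package.json" not in files:
            continue
        try:
            with open(os.path.join(dirpath, "package.json"), encoding="utf-8") as fh:
                manifest = json.load(fh)
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it, do not abort the audit
        hooks = install_hooks(manifest)
        if hooks:
            findings.append((manifest.get("name", dirpath), hooks))
    return findings

# Constructed sample manifest (hypothetical package name) standing in for a lure package.
SAMPLE_MANIFEST = {
    "name": "chain-helper-example", "version": "1.0.3",
    "scripts": {"postinstall": "node setup.js", "test": "jest"},
    "dependencies": {"left-pad": "1.3.0", "axios": "^1.6.0"},
}
if __name__ == "__main__":
    print("install-time scripts:", install_hooks(SAMPLE_MANIFEST))
    print("unpinned dependencies:", unpinned_dependencies(SAMPLE_MANIFEST))
    print("hooks found under ./node_modules:", audit_tree("."))
```

Run it from a project root to list every installed package that will execute a command during `npm install`; review those commands before trusting the package, and treat any unpinned spec as a place where a poisoned release could be pulled in silently.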
Final Thoughts
TrapDoor is a reminder that in crypto, developers are just as much a target as the protocols they build. The campaign shows how attacks on the software supply chain are getting harder to spot and easier to scale. With AI now being used on both sides, the gap between a routine package install and a full system compromise is getting smaller. For developers, the message is straightforward: trust less, verify more, and treat your local environment with the same security mindset you would a production system.
Frequently Asked Questions
What is the TrapDoor malware campaign?
TrapDoor is a supply chain attack that hides malicious code in fake open-source packages, targeting crypto developers across npm, PyPI, and Crates.io.
Which ecosystems were targeted?
The attack focused on developers building on Aptos, Sui, and Solana by impersonating tools within their respective development ecosystems.
How did TrapDoor infect systems?
It executed automatically when installed through normal developer workflows, using npm install scripts, Python imports, and Rust build processes.
Why are crypto developers targeted?
Because their machines often have direct access to production systems, smart contracts, CI/CD pipelines, and treasury wallets, making one breach extremely valuable.
Was AI involved in the attack?
Yes. Researchers found signs of prompt injection attempts against AI coding tools like Claude and Cursor, along with AI-generated fake repositories.
How is this different from traditional cyberattacks?
It combines software supply-chain poisoning with AI-assisted tactics, allowing attackers to scale faster and make malicious tools more convincing.
What actions should developers take?
They should carefully review dependencies, avoid unverified packages, lock trusted versions, monitor system activity, and immediately rotate credentials if exposure is suspected.