A newly discovered malware campaign named TrapDoor is actively targeting cryptocurrency and artificial intelligence developers through poisoned software packages, aiming to steal sensitive data such as wallet information, cloud credentials, and API keys.
Security firm Socket identified the operation on Friday, May 23, and published a detailed report on Sunday. The campaign has already spread across at least 34 malicious packages and 384 connected versions in three major developer ecosystems: npm (JavaScript/Node.js), PyPI (Python/AI), and Rust’s Crates repository. The attackers disguised the packages as common development utilities—project setup tools, Solidity frameworks, prompt-engineering libraries, and build helpers for Sui and Move applications—making them appear legitimate and easy to install without suspicion.
Socket’s CTO, Ahmad Nassri, confirmed that the malware targets wallets and platforms linked to Coinbase, Binance, MetaMask, Brave, and the blockchain ecosystems of Solana, Sui, and Aptos. Beyond credential theft, TrapDoor injects hidden instructions into AI coding assistants such as Claude and Cursor, tricking them into running fake “security scans” that inadvertently expose secrets and transmit them to the attackers.
The campaign also exploits GitHub repositories that showed signs of AI-assisted development, including generic lure repositories and prompt-injection documentation. This came shortly after GitHub disclosed on May 20 that an employee’s device had been compromised, allowing unauthorized access to internal repositories. Socket reported a median detection time of just over five minutes for the malicious packages, with the fastest at 58 seconds.
TrapDoor is part of a widening pattern of supply chain attacks on crypto professionals. Earlier incidents included malware hidden in the Obsidian note-taking app and a Lazarus Group operation using fake Zoom meetings and compromised Telegram accounts to deliver macOS malware. Security experts warn that open-source package repositories and development tools are becoming prime entry points for attackers seeking access to high-value crypto infrastructure.
