Supply-chain attack targets Solana, Sui, Aptos developers
A supply-chain attack dubbed TrapDoor planted malicious packages in npm, PyPI, and Crates.io, disguised as developer utilities. The malware steals wallet data, SSH keys, and cloud credentials, specifically targeting Solana, Sui, and Aptos developers. No victims or stolen funds have been identified.
Quick Take
34 malicious packages found across npm, PyPI, Crates.io
Malware disguised as security scanners, Solidity utilities, and Move tools
Steals private keys, credentials, and leaves backdoors via .cursorrules files
Attackers also submit malicious pull requests to AI and developer projects
Market Impact Analysis
Neutral. The attack targets developers rather than market infrastructure and has no confirmed fund losses, making direct market impact unlikely.
Key Takeaways
- 34 malicious packages embedded across npm, PyPI, and Crates.io target Solana, Sui, and Aptos developers
- Malware disguised as security scanners, wallet tools, and Move build helpers to steal private keys and credentials
- Attack uses .cursorrules files with zero-width Unicode to turn AI coding sessions into persistent backdoors
- No confirmed victim losses yet, but campaign remains active with ongoing malicious pull requests
What Happened
The TrapDoor attack embedded 34 malicious packages in open-source registries npm, PyPI, and Crates.io. Disguised as mundane developer utilities—security scanners, Solidity helpers, Move build tools—the packages targeted crypto developers in the Solana, Sui, and Aptos ecosystems. Once installed, the malware scraped private keys, SSH credentials, and cloud access tokens. Socket researchers detected the live packages and reported them to registries, but the campaign remains active, with the attacker continuing to submit pull requests to open-source projects.
The Numbers
The 34 packages spanned three languages—JavaScript, Python, and Rust—to cast a wide net. Names like "wallet-security-checker" and "move-compiler-tools" were chosen to appear authentic. Payloads ran through each ecosystem's install- or import-time hook: npm's postinstall scripts, import-time code in the Python packages, and Rust build scripts. The malware also tested stolen AWS and GitHub tokens and hunted for SSH keys to move laterally. Zero victims or stolen funds have been confirmed, but the early-stage detection suggests developers could unknowingly remain compromised.
Why It Happened
Attackers are sharpening their focus. Social engineering evolves, but supply-chain attacks hit where the keys are: developer workstations. Crypto and AI builders often hold wallet files, SSH keys, and production credentials on the same machine. The TrapDoor crew exploited this by mimicking the small, unglamorous packages developers grab without auditing. The use of .cursorrules files, injected with zero-width Unicode instructions, points to a multi-stage design—infecting not just the machine but future AI-assisted coding sessions. This isn’t a one-time smash-and-grab; it’s a persistent backdoor strategy.
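Hidden-instruction files of the kind described above can be checked before an assistant ever reads them. The scanner below is an added example written for this article, not code from Socket or from the researchers; the .cursorrules sample it scans is constructed. It flags every invisible Unicode format character and, going one step beyond the zero-width characters named in the article, also decodes the Unicode tag block, which can spell out hidden ASCII text.

```python
import unicodedata
from pathlib import Path

# Code points that render as nothing in an editor or terminal, so a human
# reviewer sees a harmless file while an AI assistant still ingests them.
ZERO_WIDTH = {0x200B, 0x200C, 0x200D, 0x2060, 0x2061, 0x2062, 0x2063, 0x2064, 0xFEFF, 0x180E}
# Unicode "tag" block: U+E0020..U+E007E mirror printable ASCII 0x20..0x7E invisibly.
TAG_TEXT = range(0xE0020, 0xE007F)


def is_invisible(ch: str) -> bool:
    """True for zero-width characters and any other Unicode format (Cf) character."""
    return ord(ch) in ZERO_WIDTH or unicodedata.category(ch) == "Cf"


def find_invisible(text: str) -> list[tuple[int, int, str]]:
    """Return (line, column, 'U+XXXX NAME') for every invisible code point in text."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for col, ch in enumerate(line, start=1):
            if is_invisible(ch):
                hits.append((lineno, col, f"U+{ord(ch):04X} {unicodedata.name(ch, 'UNNAMED')}"))
    return hits


def smuggled_text(text: str) -> str:
    """Recover the ASCII that Unicode tag characters encode (U+E0041 -> 'A')."""
    return "".join(chr(ord(ch) - 0xE0000) for ch in text if ord(ch) in TAG_TEXT)


def scan_tree(root: Path) -> dict[Path, list[tuple[int, int, str]]]:
    """Scan every .cursorrules file under root; only files with findings are returned."""
    findings = {}
    for path in root.rglob(".cursorrules"):
        hits = find_invisible(path.read_text(encoding="utf-8", errors="replace"))
        if hits:
            findings[path] = hits
    return findings


# Constructed sample: two stray zero-width spaces plus a tag-encoded hidden note.
SAMPLE_CURSORRULES = (
    "# Project conventions\n"
    "Use TypeScript strict mode.\u200b\u200b\n"
    "Run tests before commit." + "".join(chr(0xE0000 + ord(c)) for c in "hidden note") + "\n"
)

if __name__ == "__main__":
    for line, col, what in find_invisible(SAMPLE_CURSORRULES):
        print(f"line {line} col {col}: {what}")
    print("tag-encoded text:", repr(smuggled_text(SAMPLE_CURSORRULES)))
```

Run it from a repository root with `scan_tree(Path("."))` to list every .cursorrules file carrying invisible characters before opening an AI-assisted session.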
Broader Impact
The attack underscores an uncomfortable truth: developers are the new honeypots. Cross-chain targeting of Solana, Sui, and Aptos shows attackers keep pace with emerging platforms. The .cursorrules vector weaponizes AI tooling, turning assistant sessions into unwitting extraction pipelines. Supply-chain security can no longer be an afterthought for web3 infrastructure.
What to Watch Next
- Monitor registries for similar package names and unexpected postinstall behavior
- Watch for disclosed breaches or wallet drains linked to compromised dev machines
- Track whether the malicious PR campaign expands to higher-profile repositories
© 2026 Bytewit. All Rights Reserved. This article is for informational purposes only.