Cryptocurrency Development Environments Targeted by Malware Campaign

Cryptocurrency development environments have been targeted by a malware campaign called 'TrapDoor', according to recent research from Socket Security.

The malicious software packages are designed to steal sensitive information such as SSH keys, wallet credentials, and cloud credentials from developer machines. Researchers at Socket identified over 34 malicious packages that resemble development tools in cryptocurrency, DeFi, AI, and security workflows.

The 'TrapDoor' malware campaign targets environments where cloud credentials, SSH keys, and wallet data are stored on developer machines. This includes popular cryptocurrency wallets such as Coinbase, Binance, Solana, Sui, Aptos, and MetaMask, as well as the Brave web browser.