Socket's Threat Research Team discovered a supply chain attack on dYdX protocol packages across npm and PyPI. Malicious versions of @dydxprotocol/v4-client-js and dydx-v4-client were published after maintainer compromise, containing credential theft malware that exfiltrates cryptocurrency wallet seed phrases and device
Table of contents
Prior Security Incidents Affecting dYdX-Related Infrastructure
npm Package: Credential Theft
Device Fingerprinting
PyPI Package: Credential Theft + Remote Access Trojan
Remote Access Trojan Payload
Malicious Infrastructure
Impact
Outlook and Recommendations
MITRE ATT&CK
Indicators of Compromise (IOCs)