Close Menu
Cryptoz7
    What's Hot

    Bitcoin gets new expiration date thanks to Google researchers

    July 11, 2026

    Ethereum Price Analysis: ETH Faces a Crucial Test After Latest Rebound

    July 11, 2026

    Solana (SOLUSD) Volatility Intensified on Jul 11: What You Should Know

    July 11, 2026
    Facebook X (Twitter) Instagram
    Trending
    • Bitcoin gets new expiration date thanks to Google researchers
    • Ethereum Price Analysis: ETH Faces a Crucial Test After Latest Rebound
    • Solana (SOLUSD) Volatility Intensified on Jul 11: What You Should Know
    • Pepe Coin Price Prediction 2026
    • Hedera-Based DeFi Lender Bonzo Lend Loses $9 Million in Oracle Attack
    • Digital Chamber Files Amicus Brief in New York Bitcoin Ownership Case
    • Circle gets OCC approval to become a national digital currency bank
    • County sheriff warns of law enforcement impersonation cryptocurrency scam
    Facebook X (Twitter) Instagram
    Cryptoz7
    • Home
    • Altcoins
    • Bitcoin
    • DeFi & Web3
    • Ethereum
    • Guides
    • Latest News
    • Markets
    • Regulations
    Cryptoz7
    Home»Guides»Hackers tried to backdoor Injective npm package to steal wallet keys
    Hackers tried to backdoor Injective npm package to steal wallet keys
    Guides

    Hackers tried to backdoor Injective npm package to steal wallet keys

    stamilhstgr0518@gmail.comBy stamilhstgr0518@gmail.comJuly 11, 2026No Comments3 Mins Read
    Share
    Facebook Twitter LinkedIn Pinterest Email

     
    cointelegraph.com
     + 1 more10 July 2026 11:46, UTC

    Hackers compromised a widely used Injective software package in a supply chain attack with malware designed to steal crypto wallet private keys, adding to a growing attack vector involving attackers using legitimate platforms to deliver malicious payloads.

    Security firm Socket discovered on Thursday that a popular npm (node package manager) package with around 50,000 weekly downloads used for building on the Injective blockchain was maliciously modified to steal wallet private keys and seed phrases.

    The large number of downloads makes the incident “significant for developers and applications that handle Injective wallet workflows,” Socket researchers said. The malicious code has since been removed.

    The software supply chain attack is a relatively new attack vector in which hackers don’t target a blockchain’s cryptography or smart contracts directly, but instead compromise trusted developer tools used to build wallets, exchanges and apps.

    Injective is an interoperable layer 1 designed for DeFi applications. Its usage has dwindled over the past two years, with total value locked shrinking by 88% to current levels of $8.2 million from its $71 million peak in mid-2024

    Secretly copying private keys and phrases

    Version 1.20.21 of the @injectivelabs/sdk-ts npm package was modified through a compromised developer GitHub account, with suspicious commits beginning June 8. It was also pinned across 17 other packages in the Injective Labs npm scope, “exposing users who may not have installed the SDK [software development kit] directly,” Socket said.

    “The malicious release hooks wallet key-derivation functions, records private keys and mnemonics, and exfiltrates them through fake telemetry,” Socket explained.

    The malicious code hooked into normal functions used to generate wallet keys, and whenever a developer’s app used these functions, it secretly copied the seed phrase or private key. The compromised data was then encoded and sent to a web address that looked like a legitimate Injective network server.

    “Any keys or mnemonics passed through affected packages should be treated as compromised,” Socket added.

    Socket reported that the developer whose account was infiltrated quickly detected the compromise, but the malware had been downloaded more than 300 times, and “the campaign itself isn’t yet fully contained.”

    Injective CEO Eric Chen said, “it’s already fixed, and the affected versions on npm are already deprecated.” No funds on the network are at risk, he added, and Socket did not specify whether any funds were stolen in the incident.


    The compromised npm package was downloaded 310 times

    Wallet compromises most costly this year

    The Security Alliance (SEAL) said in its second-quarter threat report that attackers are increasingly using legitimate platforms like GitHub, npm and Google to deliver payloads.

    “In some cases, compromised systems are being used to push malicious code directly into a company’s own GitHub repositories, turning a single compromise into a distribution channel for the next one.”

    SEAL added that the malware itself has also gotten more comprehensive, “with cross-platform payloads, including a rise in macOS-specific campaigns, that combine infostealers, RATs (remote access trojans) and backdoor capabilities in a single package.”

    A similar supply chain attack hit Axios npm releases in March, while a malware campaign called TrapDoor was discovered in May targeting crypto, DeFi, AI and security developers.

    GitHub itself was exploited on May 20 when it reported unauthorized access to its internal repositories following the compromise of an employee’s device.

    Wallet compromises were the most costly attack vector in the first half of 2026, with $444 million stolen across 33 incidents, CertiK reported Monday.

    Features:Bitcoin’s quantum dilemma: Bigger blocks or STARK proofs?

    Similar news (1)

    backdoor Hackers Injective package tried
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    stamilhstgr0518@gmail.com
    • Website

    Related Posts

    Digital Chamber Files Amicus Brief in New York Bitcoin Ownership Case

    July 11, 2026

    Wallet in Telegram brings SK Hynix listing onchain through xStocks

    July 11, 2026

    NOWPayments CEO Kate Lifshits Says Businesses Should Stop Paying for Crypto Payouts

    July 11, 2026

    Radar Chat launches as Signal fork with built-in self

    July 11, 2026
    Add A Comment
    Leave A Reply Cancel Reply

    Top Posts

    Bitcoin gets new expiration date thanks to Google researchers

    July 11, 2026

    Ethereum Price Analysis: ETH Faces a Crucial Test After Latest Rebound

    July 11, 2026

    Solana (SOLUSD) Volatility Intensified on Jul 11: What You Should Know

    July 11, 2026

    Subscribe to Updates

    Get the latest sports news from SportsSite about soccer, football and tennis.

    Our mission is to deliver timely, accurate, and easy-to-understand coverage of the fast-moving digital asset industry. Whether you're a beginner exploring cryptocurrency for the first time or an experienced investor following market trends, Cryptoz7.com provides valuable information to help you stay informed.

    Facebook X (Twitter) Instagram Pinterest YouTube
    Top Insights

    Bitcoin gets new expiration date thanks to Google researchers

    July 11, 2026

    Ethereum Price Analysis: ETH Faces a Crucial Test After Latest Rebound

    July 11, 2026

    Solana (SOLUSD) Volatility Intensified on Jul 11: What You Should Know

    July 11, 2026
    Get Informed

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Facebook X (Twitter) Instagram Pinterest
    • About Us
    • Get In Touch
    • Disclaimer
    • Privacy Policy
    • Terms and Conditions
    © 2026 Cryptoz7. All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.