A sophisticated supply chain attack on the dYdX protocol has injected malicious code into official client libraries used by developers, compromising packages on both npm and PyPI.
The attack aims to steal cryptocurrency wallets and plant backdoors in trading applications, with the npm package @dydxprotocol/v4-client-js acting as a wallet stealer that exfiltrates seed phrases and device fingerprints, and the PyPI package dydx-v4-client delivering a wallet stealer plus a Remote Access Trojan enabling arbitrary code execution.
The malware hides inside core registry files and, once imported, runs a hidden bootstrap script that decrypts a payload, with a RAT beaconing to a C2 server every 10 seconds and enabling arbitrary Python code execution. The compromised versions were published simultaneously, and the affected versions are npm: 3.4.1, 1.22.1, 1.15.2, 1.0.31 and PyPI: 1.1.5post1.
According to Socket’s Threat Research Team, the domain used for exfiltration was a typosquatting site designed to resemble the trusted service, and the attackers appear to have had direct access to maintainers’ publishing credentials. Developers should assume their environments are fully compromised and that the compromise persists as long as any Python process imports the malicious package.