Cybersecurity researchers have uncovered a supply chain attack in which legitimate packages on npm and PyPI were compromised to push malicious updates that steal wallet credentials and, in the PyPI variant, deliver a remote access trojan. The affected npm package is @dydxprotocol/v4-client-js and the PyPI package is dydx-v4-client, with malicious releases including 3.4.1, 1.22.1, 1.15.2 and 1.0.31 on npm and 1.1.5post1 on PyPI.
The wallet-stealer in the npm version siphons seed phrases and device information, while the PyPI version adds a RAT that runs when the package is imported and contacts an external server. The external command server is dydx.priceoracle[.]site/py, and on Windows the RAT uses the CREATE_NO_WINDOW flag to run without a console.
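As a defender, the first question is whether any of the malicious releases or the command server named above show up in your own environment. The script below is an added example, not code from Socket, dYdX or the article: it checks a package-lock.json (v1 or v2/v3 layout), a `pip freeze` or requirements.txt listing, and resolver log lines against the indicators the article gives. The lockfile excerpt, the freeze output and the DNS lines are constructed sample inputs, and the PEP 440 version handling is deliberately simplified to the `post` suffix spelling seen here.

```python
"""Scan dependency manifests and DNS logs for the indicators named in the
article: the compromised npm/PyPI releases and the command server host.
Added example with constructed inputs; not code from Socket or dYdX."""
import re

# Indicators as stated in the article. The hostname is refanged for matching.
BAD_NPM = {"@dydxprotocol/v4-client-js": {"3.4.1", "1.22.1", "1.15.2", "1.0.31"}}
BAD_PYPI = {"dydx-v4-client": {"1.1.5post1"}}
C2_HOST = "dydx.priceoracle.site"


def _norm_pypi_name(name: str) -> str:
    # PEP 503 normalisation: lowercase, collapse runs of -, _ and . into -
    return re.sub(r"[-_.]+", "-", name).lower()


def _norm_version(v: str) -> str:
    # Simplified PEP 440 handling: "1.1.5.post1", "1.1.5-post1" and "1.1.5post1" compare equal
    return re.sub(r"[.\-_]?post", "post", v.strip().lower())


def find_compromised_npm(lock: dict) -> list:
    """Return (package, version) pairs in a package-lock.json (v1 or v2/v3)
    that match a known-malicious release."""
    hits = []
    # lockfile v2/v3: "packages" keyed by install path, e.g. node_modules/@scope/name
    for path, meta in lock.get("packages", {}).items():
        name = path.split("node_modules/")[-1] if path else None
        ver = meta.get("version")
        if name in BAD_NPM and ver in BAD_NPM[name]:
            hits.append((name, ver))

    # lockfile v1: nested "dependencies" keyed by package name
    def walk(deps):
        for name, meta in deps.items():
            ver = meta.get("version")
            if name in BAD_NPM and ver in BAD_NPM[name]:
                hits.append((name, ver))
            walk(meta.get("dependencies", {}))

    walk(lock.get("dependencies", {}))
    return sorted(set(hits))


def find_compromised_pip(freeze_output: str) -> list:
    """Parse `pip freeze` / requirements.txt pins (name==version) and return
    (normalised name, pinned version) pairs matching the malicious PyPI release."""
    hits = []
    for line in freeze_output.splitlines():
        line = line.split("#", 1)[0].strip()          # drop comments
        m = re.match(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*==\s*([^\s;]+)", line)
        if not m:
            continue
        name, ver = _norm_pypi_name(m.group(1)), _norm_version(m.group(2))
        if name in BAD_PYPI and ver in {_norm_version(v) for v in BAD_PYPI[name]}:
            hits.append((name, m.group(2)))
    return hits


def find_c2_lookups(dns_log_lines) -> list:
    """Return log lines that query the command server host or a subdomain of it.
    Trailing-dot FQDNs match; hosts that merely contain the string do not."""
    pat = re.compile(
        r"(?<![a-z0-9-])(?:[a-z0-9-]+\.)*" + re.escape(C2_HOST) + r"(?!\.?[a-z0-9-])",
        re.I,
    )
    return [ln for ln in dns_log_lines if pat.search(ln)]


# Constructed sample inputs (not real project data).
SAMPLE_LOCK = {
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "trading-bot", "version": "0.1.0"},
        "node_modules/@dydxprotocol/v4-client-js": {"version": "1.22.1"},
        "node_modules/left-pad": {"version": "1.3.0"},
    },
}
SAMPLE_FREEZE = "certifi==2024.2.2\nDydx_V4_Client == 1.1.5.post1\nrequests==2.31.0\n"
SAMPLE_DNS = [
    "2026-01-28T10:02:11Z client=10.0.4.17 q=pypi.org A",
    "2026-01-28T10:02:14Z client=10.0.4.17 q=dydx.priceoracle.site. A",
    "2026-01-28T10:02:15Z client=10.0.4.17 q=notdydx.priceoracle.site A",
]


def scan() -> dict:
    """Run all three checks over the constructed samples."""
    return {
        "npm": find_compromised_npm(SAMPLE_LOCK),
        "pypi": find_compromised_pip(SAMPLE_FREEZE),
        "dns": find_c2_lookups(SAMPLE_DNS),
    }


if __name__ == "__main__":
    for source, findings in scan().items():
        print(source, findings or "clean")
```

In practice you would feed `find_compromised_npm` the parsed lockfile of each repository, pipe `pip freeze` from each host or image into `find_compromised_pip`, and run `find_c2_lookups` over resolver or proxy logs. A match on a version pin only tells you the bad release was installed at some point; a hit on the command server host means the RAT was actually executed and the machine should be isolated and its credentials rotated, as the vendor advice states.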
The threat actor reportedly had direct access to publishing infrastructure, and dYdX acknowledged the incident after responsible disclosure on 28 January 2026, urging affected users to isolate machines and rotate credentials, and noting that the dydxprotocol GitHub versions do not contain the malware. The incident follows earlier campaigns in 2022 and 2024 that targeted dYdX assets through trusted channels. According to Socket security researcher Kush Pandya, the threat actor demonstrated detailed knowledge of the packages’ internals.