Unconfirmed: Rumor of Injective SDK Package on npm Infected with Crypto Wallet-Stealing Malware
Unverified reports suggest that the Injective Software Development Kit (SDK) package on npm might have been embedded with malware by hackers to steal digital wallet data.
Unconfirmed reports circulating in cybersecurity circles claim that the Software Development Kit (SDK) package of Injective Labs, a blockchain protocol for finance, has been compromised by hackers. A malicious version was allegedly published on npm (Node Package Manager), a public code repository for developers, with the objective of stealing Private Keys and Mnemonic Seed Phrases from cryptocurrency wallets. However, an investigation by the "Than AI" news team has not found such reports from BleepingComputer, which was cited as the original source, or from other reputable sources. This leaves the current status of the news as an unconfirmed "rumor." Although the Injective SDK case remains unconfirmed, this type of attack, known as a Supply Chain Attack, has previously occurred multiple times with other packages on npm. For instance, dYdX had fake packages uploaded to the repository to trick developers into downloading code embedded with crypto wallet-stealing malware. The attack pattern involves hackers compromising the accounts of developers managing popular open-source projects, subtly modifying the code to implant malware, and then releasing it as a new version. When other developers incorporate this latest package version, the malware immediately activates within their projects.
This type of attack poses a direct threat to developers and users of crypto projects in Thailand. If developers use infected code, it could lead to the loss of user funds and damage project credibility.