加密货币窃取程序 TrapDoor 正攻击三大代码仓库,34 个恶意软件包被检出
ChainCatcher 消息,安全公司 Socket Security 披露,一场名为 TrapDoor 的加密货币窃取活动正在 npm、PyPI 和 Crates.io 等软件包仓库中发起主动供应链攻击。目前已发现 34 个恶意软件包和 384 个版本及构件,攻击者持续在各生态系统中推送新版本。
TrapDoor 主要针对加密货币、DeFi、AI 和安全领域的开发者,窃取钱包、SSH 密钥、云凭证、GitHub 令牌、浏览器数据、环境变量和 API 密钥。Socket 检测到恶意版本的中位检测时间为 5 分 27 秒,最快检测发生在发布后 58 秒。
Disclaimer: OKX Orbit content is provided for informational purposes only. Learn more
Replies
Related Flash News
币界网•45m agoCapital Macro: Even if the Middle East conflict ends in 2026, major economies still have no prospects of cutting interest rates
Blockbeats•49m agoThis week, macro data may dominate the crypto market, with PCE, unemployment claims, and housing data becoming key indicators for Fed rate cuts
Blockbeats•55m agoOn the eve of SpaceX's IPO, a $20 billion related-party transaction controversy emerged, and Musk's friend may use the IPO to rank among the top of the global billionaire list
ChainCatcher•57m agoSquid: Security incidents are unrelated to Squid's core protocols and contracts; all Squid users and integrators have not been affected
币界网•1h agoZEC's largest short position: ZEC short positions increased by 3,093.62 coins, with a total position exceeding $16.88 million
Blockbeats•1h agoUnitree Technology's STAR Market IPO will be held on June 1
Blockbeats•1h agoBitcoin ETFs have seen over $2 billion in outflows in two weeks, but analysts say "institutional funds have not left."
Blockbeats•1h agoPrometheum Bets on Wall Street Channels: What Tokenized Securities Truly Lacks Is Not Technology, But 'Distribution'
Blockbeats•1h agoThe Kingdom of Bhutan has cumulatively sold 9,180 BTC, at an average price of $98,067
ChainCatcher•1h agoBlockaid: SquidRouterModule suspected of being attacked, 86 Gnosis Safe wallets were stolen for approximately $3 million within about 2 hours
Trending crypto
