Futures
Access hundreds of perpetual contracts
CFD
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Promotions
AI
Gate AI
Your all-in-one conversational AI partner
Gate AI Bot
Use Gate AI directly in your social App
GateClaw
Gate Blue Lobster, ready to go
Gate for AI Agent
AI infrastructure, Gate MCP, Skills, and CLI
Gate Skills Hub
10K+ Skills
From office tasks to trading, the all-in-one skill hub makes AI even more useful.
GateRouter
Smartly choose from 40+ AI models, with 0% extra fees
The Massive Supply Chain Attack Targeting Crypto Developers
Key Takeaways
Supply Chain Attack Scheme Trapdoor Targets Developers For Maximum Performance
While some malware campaigns target everyday crypto users, others focus on developers, aiming to capture targets with a higher chance of holding large amounts of cryptocurrency and having access to broader resources.
Researchers at Socket, a company that specializes in preventing supply chain attacks, have identified a broad campaign targeting crypto developers using infected packages across npm, PyPI, and Crates.io.
Dubbed Trapdoor, the supply chain attack spans 34 packages across these development environments, encompassing over 384 versions, with some still available. Socket reported that the affected packages were published in waves starting on May 22 and then were updated throughout the following weekend.
The packages stood out due to their nature, as they allegedly represented generic developer tools and appeared in quick succession across different registries. This gives the campaign “broad reach across adjacent developer communities where crypto wallets, cloud credentials, Github tokens, and SSH keys are likely to be present,” socket assessed.
The infected packages invade the development environment of crypto developers, leveraging these alleged open-source tools, taking hold of secrets, crypto wallets, secure shell (SSH) keys, and other relevant data.
Trapdoor infected packages also try to leverage AI tools to collaborate with their attack, using directive files to trick AI coding tools to run a security scan and exfiltrate highly sensitive data.
Socket stated that while this technique could not work consistently across all AI tools and models, its presence shows that attackers “are actively experimenting with AI development environments as part of supply chain malware campaigns.”
Chain attacks are becoming more common. In September, the crypto community was alerted about a similar hack, with several packages used by crypto wallets being compromised and modified to steal cryptocurrency funds from wallets containing bitcoin, ether, and solana, among other digital assets.