Hackers tried to backdoor Injective npm package to steal wallet keys

Hackers attempted to compromise Injective's npm package with a backdoor designed to steal wallet private keys, Socket researchers discovered. The attack targeted developers and applications managing Injective wallet operations, posing significant risks to user funds. This highlights npm supply chain vulnerabilities affecting crypto projects. Indian developers using Injective should audit their dependencies immediately and update to patched versions to prevent potential key compromise.
Key takeaways
- 1Hackers attempted to inject a backdoor into Injective's npm package to steal private wallet keys from developers.
- 2Socket researchers discovered the supply chain attack targeting applications managing Injective wallet operations.
- 3Indian developers using Injective must immediately audit dependencies and update to patched versions to prevent key compromise.
Coins in this story
Why it matters
This npm supply chain vulnerability exposes Indian crypto developers and retail investors to direct fund theft through compromised wallet keys, highlighting critical security risks in cryptocurrency infrastructure that require immediate attention.
Related stories

Robinhood Chain sees over $70M in ETH bridged during first week
Robinhood Chain, an Arbitrum-based layer-2 network, bridged over $70 million ETH in its first week since July 1 launch. The AI-native platform tokenizes real-world assets and stocks across 120+ countries. Daily active users hit 194,000 with $39,000 daily revenue. Experts view this as structural positive for Ethereum, creating new ETH demand through gas fees and settlement layer positioning.

Zcash targets July 28 launch for Ironwood network upgrade
Zcash’s next upgrade will replace the once-compromised Orchard pool and may offer clues about whether counterfeit tokens were created via a recent bug....

BitGo Adds Quantum-Risk Controls to Bitcoin Custody
Bitcoin Magazine BitGo Adds Quantum-Risk Controls to Bitcoin Custody BitGo launched new quantum-risk tools that help institutional Bitcoin holders identify and reduce potential future quantum-computing exposure in their custody wallets. This post BitGo Adds Quantum-Risk Controls to Bitcoin Custody first appeared on Bitcoin Magazine and is written by Micah Zi...