A coordinated malware campaign dubbed TrapDoor has been spreading through popular open-source package registries since around May 22, targeting cryptocurrency wallets and developer credentials. The attack uses over 30 malicious packages across npm, PyPI, and Crates.io, with more than 300 affected versions. GitHub reported unauthorized access as early as May 20.
Malware spreads through three registries
The malware executes automatically once a developer installs a compromised package. On npm, TrapDoor runs via post-install scripts. In Python, it triggers when the package is imported. On Crates.io, it executes during the build process via build scripts. This three-pronged approach means any developer pulling dependencies from these registries could be at risk.
Crypto wallets and developer credentials in the crosshairs
TrapDoor scans for SSH keys, API tokens, cloud credentials, browser-stored passwords, and environment variables. It specifically targets crypto wallet files for Coinbase, MetaMask, Binance, and Solana-based tools. Once collected, stolen data is sent to external servers. The malware also attempts to maintain persistence by modifying startup processes or inserting hooks, making removal more difficult.
AI coding config files as attack vector
Beyond wallets and credentials, the campaign also targets AI coding tools. TrapDoor plants malicious configuration files like .cursorrules and CLAUDE.md. These files can manipulate AI assistants used by developers, potentially introducing vulnerabilities or stealing data through the coding workflow. It's a novel twist — attackers aren't just stealing keys, they're poisoning the tools developers trust.
No known mitigation yet
As of May 25, there's no public patch or specific response from the package registries affected. Developers who have installed packages from npm, PyPI, or Crates.io in the past week should immediately rotate any API keys, cloud credentials, and crypto wallet private keys stored on their machines. The full scope of the infection is still being assessed.
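A triage check for the install-time vectors and planted AI config files described above, as an added example that is not code from the campaign report or from any registry. The function names, finding labels and sample tree are constructed for illustration. Python packages are not covered, because any top-level module code runs on import and there is no manifest field to inspect.

```python
import json
import os
import tempfile

# npm hooks that run during `npm install`, and the AI config names the article lists
NPM_HOOKS = ("preinstall", "install", "postinstall")
AI_CONFIGS = {".cursorrules", "CLAUDE.md"}

def audit(root):
    """Return sorted (kind, relative_path, detail) findings under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        def rel(name):
            return os.path.relpath(os.path.join(dirpath, name), root).replace(os.sep, "/")
        if "package.json" in files:
            try:
                with open(os.path.join(dirpath, "package.json"), encoding="utf-8") as fh:
                    scripts = json.load(fh).get("scripts")
            except (OSError, ValueError, AttributeError):
                scripts = None  # unreadable or malformed manifest: nothing to report
            for hook in NPM_HOOKS:
                if isinstance(scripts, dict) and hook in scripts:
                    findings.append(("npm-install-script", rel("package.json"), f"{hook}: {scripts[hook]}"))
        # Assumption: the crate uses Cargo's default build script path, build.rs
        if "Cargo.toml" in files and "build.rs" in files:
            findings.append(("cargo-build-script", rel("build.rs"), "runs during cargo build"))
        for name in sorted(AI_CONFIGS.intersection(files)):
            findings.append(("ai-config", rel(name), "review contents and origin"))
    return sorted(findings)

def build_sample(root):
    """Constructed sample tree: hooked and benign npm packages, a crate, a config file."""
    def write(path, text):
        full = os.path.join(root, path)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w", encoding="utf-8") as fh:
            fh.write(text)
    hooked = {"name": "example-pkg", "scripts": {"postinstall": "node setup.js"}}
    write("node_modules/example-pkg/package.json", json.dumps(hooked))
    write("node_modules/benign-pkg/package.json", json.dumps({"scripts": {"test": "node t.js"}}))
    write("vendor/example-crate/Cargo.toml", '[package]\nname = "example-crate"\n')
    write("vendor/example-crate/build.rs", "fn main() {}\n")
    write(".cursorrules", "constructed placeholder\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for finding in audit(tmp):
            print(*finding, sep="\t")
```

Install hooks and build scripts are common in legitimate packages, so each finding is a lead for manual review against the lockfile and recent dependency changes, not a verdict.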



