Hackers attempt to backdoor Injective npm package to steal wallet keys

2 hours ago 1



Someone almost pulled off a very clean heist on July 8, 2026. Attackers compromised a trusted GitHub maintainer on the Injective project and pushed a poisoned version of the @injectivelabs/sdk-ts TypeScript SDK directly to the master branch, no code review required. The malicious payload went live at 20:59 UTC and was gone by 21:16 UTC. Seventeen minutes.

Security researchers from StepSecurity and Socket identified the attack and flagged it. A revert commit restored clean package versions within roughly 49 minutes of the initial malicious push, according to research findings. No widespread theft has been confirmed, but the window was real, and the method was sophisticated.

What the attackers actually did

The compromised account belonged to a maintainer identified as thomasRalee, operating under the email [email protected]. Gaining access to that account gave the attacker direct push access to the master branch without a traditional review process.

From there, the attacker pushed malicious commits between 20:24 and 20:54 UTC, setting up a backdoor in version 1.20.21 of the SDK. The tainted version was then propagated across 18 associated npm packages, each one pinned to that exact poisoned release.

Instead of using post-install hooks, which security scanners typically catch, the attackers used stealthy runtime injection methods. The malicious code didn’t run when developers installed the package. It ran when users actually interacted with their wallets.

The backdoor specifically targeted PrivateKey.fromMnemonic(), a core function that handles BIP-39 seed phrases. When a wallet operation triggered that function, the code captured the mnemonic or private key and shipped it out via POST request, disguised in encoded headers to look like normal traffic.

Why supply-chain attacks are crypto’s unsolved problem

This wasn’t a smart contract exploit. There was no on-chain vulnerability to patch. The attack vector was the software supply chain itself, specifically the open-source dependency ecosystem that nearly every crypto development team relies on.

A single maintainer’s compromised Gmail account became the entry point for an attack targeting private keys across an entire SDK ecosystem.

Cached packages represent a specific ongoing risk that doesn’t disappear when the malicious version is removed from npm. Developers who installed version 1.20.21 during that window, or whose CI/CD pipelines cached it, may still be running compromised code. Lock files and package caches don’t automatically update when a registry version is removed.

What developers and investors should watch

For developers building on Injective or using any of the 18 affected packages, the immediate priority is auditing dependency lock files for version 1.20.21. The clean releases, tagged 1.20.23, are available. Any application that touched wallet operations using the affected version during the live window should be treated as potentially compromised until confirmed otherwise.

Requiring multi-factor authentication on all maintainer accounts, mandatory code review for any commit touching cryptographic functions, and automated dependency scanning tools that flag runtime behavior rather than just install-time scripts would each have made this attack vector significantly harder to execute.

Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.

Read Entire Article