相場

"TrapDoor" Attacks Targeting Solana, Sui, and Aptos Wallets Pose a Threat of Developer Data Leaks

"TrapDoor" Attacks Targeting Solana, Sui, and Aptos Wallets Pose a Threat of Developer Data Leaks

Recently, a new cyberattack known as the “TrapDoor Package Attack” has been identified in the crypto assets industry.This attack aims to steal sensitive information, including wallet data from major blockchains such as Solana, Sui, and Aptos. Developers in the crypto assets, DeFi (decentralized finance), AI (artificial intelligence), and security fields are specifically targeted.Attackers are using fake tool packages to attempt to steal developers’ wallet information, SSH keys (authentication credentials required for secure connections to servers), GitHub tokens (authentication credentials granting access to GitHub accounts), cloud credentials (information required to log in to cloud services), and even browser data.This campaign could pose a serious risk to the entire developer community, and users are being urged to remain vigilant. We will provide a detailed explanation of the specific tactics used in this attack and the precautions developers and general users should take. The source is a report by Coindesk.

Overview of the “TrapDoor” Attack

The “TrapDoor package attack” is a new cyber threat targeting the crypto assets sector. This attack specifically targets developers. Attackers employ a tactic of distributing fake tool packages.

The targets are not limited to developers in the crypto assets sector. Developers in the fields of DeFi (decentralized finance), AI (artificial intelligence), and security are also being targeted. Developers across a wide range of technical fields are at risk from this attack.

The primary objective of this attack is to steal confidential information. Specifically, attackers are targeting wallet data (digital wallets used to manage crypto assets). They are also targeting various types of information essential to development environments.

According to a report by Coindesk, this attack was confirmed on May 29, 2026. Analysis of the attack’s details is currently underway.

Major Blockchains Targeted

The three blockchains specifically named in this attack are Solana, Sui, and Aptos. All three are known as platforms characterized by high processing performance.

Solana has garnered attention for its fast transaction speeds and low fees. Many projects are active in the DeFi and NFT (non-fungible token) sectors, resulting in a very active developer community.

Sui and Aptos are new blockchains based on the Move language. They, too, prioritize scalability and security. They have attracted many developers working with new technology stacks.

Each of these blockchains is building its own unique ecosystem. Since many developers are using their tools and libraries, they can become attractive targets for attackers.

Attack Methods and Targeted Information

“TrapDoor package attacks” are carried out using fake tool packages. The infection spreads when developers download and run these packages.

The fake packages are distributed to appear as legitimate tools. Developers must always verify that they are downloading from a trusted source.

The information stolen in these attacks is wide-ranging. The greatest concern is data from crypto asset wallets, which poses a risk of assets being fraudulently transferred.

SSH keys (authentication credentials required for secure connections to servers) are also targeted. If SSH keys are stolen, developers’ servers and systems could be compromised.

GitHub tokens (credentials that grant access to GitHub accounts) are also targeted. This could lead to the tampering of source code repositories or the leakage of confidential information.

Furthermore, cloud credentials (information required to log in to cloud services) are also being targeted. Unauthorized access to cloud environments can cause significant damage to an entire company.

Browser data is also a target for theft. This may include saved passwords and cookies, among other things. There is a risk that personal information and access credentials for other services could be leaked.

Impact on Developers and Associated Risks

These attacks have extremely serious consequences for developers. First, if wallet data is stolen, there is a risk of losing their crypto assets.

The compromise of SSH keys or GitHub tokens can lead to the takeover of development environments. There is a risk that project code could be tampered with or that malicious code could be injected.

The leakage of cloud credentials affects the entire corporate infrastructure. It also increases the risk of customer data and trade secrets being compromised.

A loss of trust in developers is also a major issue. Security incidents cause long-term damage to the reputation of projects and companies.

Furthermore, attacks can infect developers’ PCs with malware. This creates the risk of further information theft and system disruption.

Potential Impact on General Users

This attack primarily targets developers. However, general users of crypto assets may also be indirectly affected.

If a developer’s system is compromised, it will also affect the projects in which that developer is involved. For example, vulnerabilities may arise in DApps (decentralized applications).

The risk of supply chain attacks should also be considered. This refers to cases where development tools or libraries are tampered with and ultimately incorporated into applications intended for users.

Therefore, users need to pay attention to the security status of the DApps and services they use. It is important to make a habit of verifying whether the developer is trustworthy.

It is also important not to neglect security measures for your own wallet and accounts. Basic precautions, such as using multi-factor authentication and avoiding clicking on suspicious links, are effective.

The Importance of Security Measures

Strict security measures are essential to protect yourself from such attacks. Developers, in particular, should pay attention to the following points.

First, always download tools and libraries from official, trusted sources. You should avoid obtaining them from suspicious repositories or forums.

It is also important to get into the habit of verifying software hash values (values used to confirm a file’s integrity). This allows you to verify that the downloaded file has not been tampered with.

It is recommended to separate your development environment from PCs used for other purposes. Setting up a dedicated environment can help reduce risk.

Manage SSH keys, GitHub tokens, and cloud credentials with the utmost care. Apply the principle of least privilege and avoid granting unnecessary access permissions.

Regular password changes and the use of multi-factor authentication (a system that requires multiple authentication factors during login) are also essential. This enhances resistance to unauthorized access.

It is also important to install security software and keep it up to date at all times. This allows you to detect and address suspicious behavior early on.

Future Trends and Precautions

Cyberattack methods are becoming more sophisticated every day. The recent “TrapDoor package attack” is a prime example of this.

The crypto assets ecosystem is a treasure trove of new technologies and innovations. However, as it grows, so do the threats posed by attackers.

Information sharing and collaboration across the entire developer community are essential. When a security incident occurs, it is imperative to share information promptly and take appropriate countermeasures.

As users, we must also stay constantly attuned to the latest security information. The knowledge and actions we take to protect our own assets are becoming increasingly important.

Detailed information about such attacks and new countermeasures may continue to be released in the future. It is wise to continue paying close attention to related news.

Note: This article is intended for informational purposes only and does not recommend any specific investment actions. Please make investment decisions at your own discretion.

[Source: Original Article]

RedotPay $5 Cash Back When You Apply for a Card — Sign-up Bonus When You Apply Through an Authorized Agent

Sources and References