Full Report
Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution. The compromised versions of the two packages are listed below - @dydxprotocol/v4-client-js (npm) - 3.4.1, 1.22.1, 1.15.2, 1.0.31&
Analysis Summary
# Tool/Technique: Compromised dYdX npm and PyPI Packages
## Overview
This describes a supply chain attack targeting developers using legitimate packages for the dYdX v4 protocol on the npm and PyPI ecosystems. The compromised package versions were used to distribute malware designed for cryptocurrency wallet credential theft and establishing remote access capabilities on victim machines.
## Technical Details
- Type: Malware/Technique (Supply Chain Compromise)
- Platform: Primarily JavaScript (Node.js/npm) and Python (PyPI) environments.
- Capabilities: Cryptocurrency wallet credential theft (seed phrases, device info) and Remote Access Trojan (RAT) functionality.
- First Seen: The disclosure date related to this specific supply chain attack is around January/February 2026, following responsible disclosure on January 28, 2026.
## MITRE ATT&CK Mapping
Given the context of distributing malicious code through legitimate repositories and its execution upon installation/import:
- **TA0001 - Initial Access**
- T1195 - Supply Chain Compromise
- T1195.002 - Compromise Software Supply Chain
- **TA0005 - Defense Evasion**
- T1027 - Obfuscated Files or Information (Mentioned 100-iteration obfuscation in PyPI version)
- **TA0011 - Command and Control**
- T1071 - Application Layer Protocol (Used for RAT communication)
- **TA0010 - Exfiltration**
- T1041 - Exfiltration Over C2 Channel (Implicitly used for stolen credentials)
## Functionality
### Core Capabilities
- **Credential Theft (Cross-Ecosystem):** Siphoning sensitive information, specifically cryptocurrency wallet seed phrases and device information, from affected users.
- **Package Poisoning:** Injecting malicious code directly into seemingly legitimate package installation routines by compromising publishing credentials. In npm, this targeted wallet stealers; in PyPI, it included both wallet theft and RAT functions.
- **Persistence/Execution:** For the Python package, the RAT component runs immediately upon package import.
### Advanced Features
- **Remote Access Trojan (RAT):** The Python variant includes a RAT mechanism that calls out to a command and control server to receive and execute further commands on the host system.
- **Stealth Execution (Windows):** The RAT component on Windows utilized the `CREATE_NO_WINDOW` flag during process creation to ensure code execution occurs without a visible console window.
- **Code Obfuscation:** The PyPI version exhibited 100-iteration obfuscation, indicating an attempt to hinder automated analysis.
- **Internal Code Manipulation:** Malware was inserted into "core registry files" (`registry.ts`, `registry.js`, `account.py`), demonstrating knowledge of the package's internal structure.
## Indicators of Compromise
*Note: Hashes and specific network indicators are not provided in the article, but the structure for data found is below.*
- File Hashes: [Not provided in the text]
- File Names: Code modifications were noted in `registry.ts`, `registry.js` (npm variants), and `account.py` (PyPI variant).
- Registry Keys: [Not applicable/provided]
- Network Indicators: C2 server mentioned for the PyPI RAT: `dydx.priceoracle[.]site/py` (Defanged: `dydx[.]priceoracle[.]site/py`)
- Behavioral Indicators: Execution upon package import/use, process creation with `CREATE_NO_WINDOW` flag on Windows.
## Associated Threat Actors
The specific threat actor group is not named in the provided text. The attack mechanism is attributed to an actor who gained access via developer account compromise and demonstrated cross-ecosystem coordinated deployment.
## Detection Methods
- **Signature-based detection:** Creating signatures targeting the known obfuscated strings or the specific C2 domains used by the RAT component.
- **Behavioral detection:** Monitoring for code execution within installation scripts or upon module import, especially file system reads/writes targeting wallet data or outbound connections to suspicious domains immediately post-installation.
- **YARA rules:** Could be created targeting the unique structure of the injected initialization code within the compromised package files.
## Mitigation Strategies
- **Isolation:** Immediately isolate affected machines if the packages were installed.
- **Fund Migration:** Move cryptocurrency assets to newly generated wallets established on clean, verified systems.
- **Credential Rotation:** Rotate all API keys and sensitive credentials associated with development environments or accounts that integrated the affected packages.
- **Source Verification:** Verify that source code pulled directly from official repositories (e.g., dYdX Github organization) does not match potentially compromised library sources.
- **Dependency Security:** Vet package sources, minimize the use of transitive dependencies, and utilize dependency scanning tools that monitor for malicious code insertion in previously trusted packages.
## Related Tools/Techniques
- **Supply Chain Attacks:** Similar historical incidents targeting dYdX in September 2022 (npm account hijacking).
- **Credential Harvesting Malware:** Techniques similar to those used in JS/Python wallet drainers that target seed phrases.
- **RAT Deployment via Trusted Channels:** Using legitimate software update mechanisms to push remote access capabilities.