Injective Labs npm Packages Backdoored to Steal Crypto Wallets
Hackers compromised Injective Labs' GitHub repo to push malicious npm packages that steal cryptocurrency wallet keys. 18 packages affected, detected within an hour.
Hackers compromised the Injective Labs GitHub repository and pushed malicious code to 18 npm packages designed to steal cryptocurrency wallet private keys and mnemonic seed phrases. Security firms Socket, Ox Security, and StepSecurity detected the attack within an hour of publication, but not before the poisoned packages were downloaded over 300 times.
The primary target was @injectivelabs/[email protected], a TypeScript SDK with 50,000 weekly downloads used for building applications on the Injective blockchain. The attack is the latest in a wave of supply chain compromises targeting developer tools this month.
How the Attack Worked
The malicious code was disguised as telemetry functionality called trackKeyDerivation(), claiming to collect anonymized usage metrics for SDK optimization. In reality, when developers called functions to generate or import wallet keys, the malware captured the full mnemonic seed phrase and private key.
The payload encoded stolen data in base64 and exfiltrated it via HTTPS POST requests to testnet.archival.chain.grpc-web.injective[.]network—a legitimate-looking Injective infrastructure endpoint chosen to blend with normal traffic.
Attackers gained access through a compromised GitHub maintainer account belonging to "thomasRalee." The commits bypassed the project's normal release flow entirely, pushing directly to npm through the repository's trusted-publisher OIDC pipeline.
18 Packages in the Blast Radius
Beyond the primary SDK, attackers backdoored 17 additional packages in the @injectivelabs scope that depended on the SDK:
- @injectivelabs/utils
- @injectivelabs/networks
- @injectivelabs/wallet-base, wallet-core, wallet-evm
- @injectivelabs/wallet-ledger, wallet-magic, wallet-trezor
- @injectivelabs/wallet-cosmostation, wallet-wallet-connect
- Multiple other wallet ecosystem packages
Each package pinned the malicious SDK version, putting transitive users at risk even if they never directly installed the compromised SDK.
Why This Matters
Injective SDK powers cryptocurrency wallets, trading bots, decentralized exchanges, and DeFi payment tools. Unlike most infostealers that activate on installation, this malware waited until developers actually used key generation functions—a clever evasion technique that delays detection while ensuring high-value credential theft.
The attack also exploited GitHub's OIDC trusted-publisher workflow, which many organizations assume is more secure than traditional API token authentication. When a legitimate maintainer account is compromised, these protections mean nothing.
Despite the 300+ downloads of poisoned packages, Injective CEO Eric Chen confirmed no funds were lost. The malicious release was deprecated within an hour, though GitHub release artifacts remained available at the time of reporting.
Immediate Actions
- Check lockfiles for
@injectivelabs/[email protected]or any version between 1.20.21 and 1.20.22 - Assume compromise if affected packages were installed—treat all private keys and seed phrases as exposed
- Rotate credentials immediately by generating new wallet addresses and transferring assets
- Update to version 1.20.23 which contains verified clean code
- Audit npm install logs for unexpected outbound connections to Injective domains
The incident highlights why organizations building on blockchain infrastructure should pin specific dependency versions and monitor for unexpected package updates. When AI coding tools are themselves becoming targets, supply chain verification deserves more scrutiny than ever.
Frequently Asked Questions
Were any cryptocurrency funds actually stolen? No confirmed thefts have been reported. The malicious packages were live for less than an hour before detection, and Injective's response was fast enough to prevent widespread exploitation.
How can I tell if my wallet was compromised? If you installed affected packages between July 8-9, 2026, and called key generation functions, your credentials may have been exfiltrated. Generate new wallet addresses as a precaution—don't wait for confirmation of theft.
Related Articles
jscrambler npm Compromise Drops Rust Stealer Targeting AI Tools
Attackers hijacked the jscrambler npm package to deploy a cross-platform Rust infostealer that harvests credentials from AI coding assistants, cloud platforms, and crypto wallets.
Jul 12, 2026Hijacked npm and Go Packages Use VS Code Tasks and Blockchain C2
18 compromised packages hide execution in VS Code folder-open tasks, fetch encrypted payloads from blockchain transactions, and deploy Python infostealers.
Jun 30, 2026npm Package Targeted Claude AI Users, Leaked Own GitHub Token
Malicious npm package mouse5212-super-formatter stole files from Claude AI's working directory. The attacker's own GitHub token was exposed in the code, allowing researchers to trace exfiltration.
May 28, 2026Leaked Shai-Hulud Code Spawns npm Infostealer With DDoS Capabilities
Leaked Shai-Hulud malware source code fuels new npm supply chain attack. Four malicious packages steal credentials and deploy DDoS bot with TCP/UDP flood capabilities.
May 22, 2026