Security firm warns of 'TrapDoor' malware targeting crypto, AI developers

Cybersecurity firm Socket has warned of 'TrapDoor' malware that specifically targets developers in the cryptocurrency, decentralized finance (DeFi), and artificial intelligence (AI) sectors. According to a Cointelegraph report citing a blog post from Socket published yesterday, attackers upload malicious packages to developer libraries like npm and PyPI. Developers who download and install these packages become infected with the 'TrapDoor' malware. Socket explained that the malware is an info-stealer designed to compromise users' cryptocurrency wallets, such as MetaMask and Phantom, as well as SSH keys and GitHub tokens, which can ultimately lead to asset theft.