A supply-chain attack against the Injective Labs SDK project resulted in a malicious version of the @injectivelabs/sdk-ts npm package that stole cryptocurrency wallet private keys and mnemonic seed phrases. Application security firms Socket, Ox Security, and StepSecurity jointly identified the compromise, which was introduced via version 1.20.21 of the package.
How the Attack Unfolded
The attackers gained access to a GitHub account belonging to a legitimate project contributor. Suspicious commits first appeared on June 8, and the malicious package was published to npm shortly afterward. The attacker also pinned 17 additional packages associated with the project to the compromised SDK version, broadening the potential blast radius.
The legitimate account owner detected the intrusion within minutes, reverted the changes, and released a clean build under version 1.20.23. Despite the quick response, Socket confirmed the malicious version was downloaded approximately 310 times before it was deprecated rather than fully removed. Notably, the malicious GitHub release artifacts remain publicly accessible.
Malware Behavior
The malware does not execute on package installation. Instead, it activates when developers call SDK functions that generate or import wallet keys, making it harder to detect through routine installation audits. Once triggered, it:
- Captures the full mnemonic seed phrase and private key
- Encodes the data in base64
- Queues multiple stolen credentials for approximately two seconds, then bundles them into an HTTP POST request header
- Exfiltrates the data to an Injective Labs public infrastructure endpoint to blend the traffic with legitimate network activity
Using a trusted, project-owned endpoint for exfiltration was a deliberate evasion technique designed to make outbound traffic appear routine to network monitoring tools.
Scope and Impact
The @injectivelabs/sdk-ts package records approximately 50,000 weekly downloads and is widely used in cryptocurrency wallets, trading bots, decentralized exchanges, DeFi applications, and payment tooling built on the Injective Layer-1 blockchain. Ox Security noted that the 87 direct dependent packages collectively registered just over 112,000 downloads, underscoring the potential downstream exposure beyond the primary package itself.
Recommended Actions
Developers who may have fetched version 1.20.21 during the window of exposure should take the following steps immediately:
- Transfer all cryptocurrency holdings to freshly generated wallets with new keys
- Rotate every secret, credential, and API key in the affected environment
- Audit dependency trees for transitive exposure through the 87 identified dependent packages
- Verify that build pipelines are pinned to clean releases at version 1.20.23 or later
The incident reinforces the risk of trusting contributor accounts without hardware-backed authentication controls, and highlights how legitimate infrastructure can be weaponized to mask data exfiltration.
