Malicious Package Attacks Targeting DeFi Developers: User Funds at Risk
— CryptoSlate
Malicious package attacks targeting DeFi developers pose risks to user funds.
Socket's May 24 report reveals over 34 malicious packages and 384 versions targeting DeFi developers.
- TrapDoor shows compromised developer machines allow access to CI/CD systems and cloud accounts via malicious packages.
- The campaign risks user funds by distributing malicious code through normal developer workflows.
- Recent data indicates over 1.2 million malicious packages found in 2025, serving as entry points for broader intrusions.
The spread of malicious packages threatens the security of DeFi projects, complicating the protection of user funds.