Malicious packages for dYdX cryptocurrency exchange empty user wallets

Cryptocurrency Exchange Under Attack: Thieves Steal Wallets by Infecting Open-Source Packages

Hackers have struck again, targeting the cryptocurrency exchange dYdX with a particularly devious attack. The scammers managed to infect open-source packages published on the npm and PyPI repositories, compromising wallet credentials and even backdooring devices.

According to researchers at security firm Socket, malicious code embedded in the legitimate packages stole the seed phrases used for wallet security, along with device fingerprints. The fingerprints allowed the attackers to track victims across multiple compromises. The compromised packages included version 3.4.1 of the @dydxprotocol/v4-client-js package on npm and a single version, 1.1.5post1, of the dydx-v4-client package on PyPI.

The attack is particularly insidious because it relies on the trust that developers have in open-source packages. The malicious code was uploaded by official dYdX accounts, suggesting that they had been compromised and used by the attackers.

Perpetual trading and perpetual targeting are the hallmarks of this latest attack, as the hackers seek to exploit vulnerabilities in the exchange's code libraries. The exchange provides third-party apps for trading bots, automated strategies, or backend services, all of which handle sensitive data such as private keys.

The researchers warned that every application using the compromised npm versions is at risk, and that the direct impact includes complete wallet compromise and irreversible cryptocurrency theft. The attack scope also includes all applications depending on the compromised versions, whether they handle real credentials or serve production end-users.

This is not the first time dYdX has been targeted in an attack. Previous incidents include a September 2022 upload of malicious code to the npm repository and a 2024 DNS hijacking incident where users were redirected to a malicious site designed to drain their wallets.

The latest attack highlights a persistent pattern of adversaries targeting dYdX-related assets through trusted distribution channels. The researchers urged anyone using the platform to carefully examine all apps for dependencies on the malicious packages listed above, in order to avoid falling victim to this cunning scam.
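
One way to carry out the dependency check the researchers recommend, as an added example (not code from Socket, dYdX or the original article): scan a `package-lock.json` and a pinned `requirements.txt` for the two versions named above. The function names and sample inputs are constructed for illustration, and the version table holds only what this article lists.

```python
import json
import re

# Versions named in the article. It says the compromised set "included" these,
# so extend this table from the researchers' report before trusting a clean result.
COMPROMISED = {
    "npm": {"@dydxprotocol/v4-client-js": {"3.4.1"}},
    "pypi": {"dydx-v4-client": {"1.1.5post1"}},
}

def norm_name(name):
    # PEP 503: PyPI names are case-insensitive and treat - _ . as equivalent
    return re.sub(r"[-_.]+", "-", name).lower()

def norm_version(version):
    # PEP 440: 1.1.5post1, 1.1.5.post1 and 1.1.5-post1 are the same release
    return re.sub(r"[-_.]?post[-_.]?", ".post", version.strip().lower())

def scan_npm_lock(text):
    """Return (name, version, location) for each listed version in a package-lock.json."""
    lock = json.loads(text)
    if "packages" in lock:  # lockfileVersion 2/3: flat map keyed by install path
        entries = [(p.rpartition("node_modules/")[2], m, p) for p, m in lock["packages"].items()]
    else:  # lockfileVersion 1: nested "dependencies" tree, walked iteratively
        entries, stack = [], [(lock.get("dependencies", {}), "")]
        while stack:
            deps, prefix = stack.pop()
            for name, meta in deps.items():
                entries.append((name, meta, f"{prefix}/{name}"))
                stack.append((meta.get("dependencies", {}), f"{prefix}/{name}"))
    return [(n, m["version"], w) for n, m, w in entries
            if m.get("version") in COMPROMISED["npm"].get(n, ())]

def scan_requirements(text):
    """Return hits for exact pins (== or ===) in requirements.txt or pip freeze output."""
    bad = {n: {norm_version(v) for v in vs} for n, vs in COMPROMISED["pypi"].items()}
    pin = re.compile(r"\s*([A-Za-z0-9._-]+)\s*(?:\[[^\]]*\])?\s*===?\s*([^\s;#\\]+)")
    found = ((i, pin.match(line)) for i, line in enumerate(text.splitlines(), 1))
    return [(norm_name(m[1]), m[2], f"line {i}") for i, m in found
            if m and norm_version(m[2]) in bad.get(norm_name(m[1]), ())]

# Constructed sample inputs (not taken from any real project)
SAMPLE_LOCK = json.dumps({"lockfileVersion": 3, "packages": {
    "": {"name": "bot"},
    "node_modules/lib/node_modules/@dydxprotocol/v4-client-js": {"version": "3.4.1"},
    "node_modules/@dydxprotocol/v4-client-js": {"version": "3.4.0"}}})
SAMPLE_REQS = "requests==2.32.3\nDyDx_V4.Client==1.1.5.post1  # transitive pin\n"

if __name__ == "__main__":
    print(scan_npm_lock(SAMPLE_LOCK), scan_requirements(SAMPLE_REQS))
```

Unpinned ranges such as `>=` or `~=` are not flagged, so run the requirements scan over the resolved versions (for example `pip freeze` output) rather than over loose specifiers.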
 
omg can't believe what's been happening with crypto exchanges lately 🤯 they just want to make it easy for us to trade but noooo thieves always find a way 💸 my brother actually got hit by one of these attacks last year and he lost like a thousand dollars 😱 it was so frustrating for him and i'm worried now because i use crypto too... anyway just gotta be super careful when using third-party apps and make sure they haven't been compromised 🤔
 
🚨 I'm totally freaking out about this one guys... so like you know how we use open-source packages for our fave tools and stuff? well some hackers are using those same packages to STEAL OUR WALLET CREDENTIALS 🤑😱! It's like the whole trust thing is just gone. I mean, who thought it was a good idea to infect legit packages with malicious code? 😂 The worst part is that dYdX had no idea their own accounts were compromised... talk about a security fail! 💥 So yeah, just be super careful out there folks and check all your apps for any suspicious dependencies. Your wallet (and life) depends on it 🤯
 
Ugh I'm still trying to wrap my head around this dYdX attack 🤯... like how can hackers infect open-source packages and steal our wallet info? It's so extra like they're sneaking into our school's computer lab during lunch and stealing all the math formulas 💸. And it's not just dYdX, it feels like we're living in a perpetual hacking nightmare where even the trusted apps we use are vulnerable 😬. I don't get why developers trust those open-source packages so much... shouldn't they do some extra checks or something? Anyway, let's all just be careful and make sure to update our apps ASAP 💻🚨.
 
Ugh, another web exploit to add to my list 🤦‍♂️. I'm not surprised that hackers figured out how to infect open-source packages and wreak havoc on dYdX users' wallets tho... it's like we're living in a bad hacking movie 😳. And the worst part is that they used legit developer accounts to upload the malicious code, so no one was even thinking twice about it 🤥. I mean, can't we just have one day without our personal info getting breached? 🙄
 
I'm getting so frustrated with these hackers 🤯. They're like masters of disguise, infecting open-source packages and stealing people's money 🤑. It's like they know exactly how to play on people's trust - who would ever think that a legit package would be malicious? 😒

And the fact that they used official dYdX accounts to upload the code is just crazy 🤔. I mean, what's the point of trying to hide in plain sight when you can just make it look like you're doing no harm? 💁‍♀️ It's like a never-ending cat-and-mouse game, where one side just gets more and more clever.

I don't understand how these exchanges are supposed to keep up with all this nonsense 🤯. They're already trying to deal with the pressure of keeping users' money safe, and now they have to worry about hackers exploiting their own code? 😩 It's like a domino effect - one bad thing leads to another, and it's hard to stop the chain reaction.

I just wish people would be more careful when using these exchanges 🤷‍♂️. Take the time to check your apps for suspicious dependencies, you know? 📊 It's not that hard, and it could save you a lot of trouble in the end 💸.
 
🚨💻 OMG, this is so bad! They're infecting open-source packages and stealing wallets like it's nobody's business 🤑. And the worst part is, they did it by uploading code from official accounts 🤯. This is what happens when you think open-source is trustworthy 🙄.

Imagine having your seed phrase and device fingerprint stolen just because someone uploaded malicious code to a legit package 🤕. And now, any app that uses those packages is at risk 💸. The researchers are saying that every app using the compromised versions is a target 🚨.

I'm not surprised, though. This kind of attack has happened before, and dYdX has been targeted multiple times 📊. It's like they're a hot mess 🔥. So yeah, be careful out there and check your apps for dependencies on those malicious packages 👀.

Here's a simple diagram to illustrate the attack:
```
+-------------------+
|    Open-Source    |
|  Package Upload   |
+-------------------+
          |
          |
          v
+-------------------+
|  Malicious Code   |
+-------------------+
          |
          |
          v
+-------------------+
| Wallet Compromise |
+-------------------+
```
Keep your apps up to date and be cautious when using open-source packages! 🚨💻
 
🚨 I'm so worried about these hackers! They're like cyber ninjas, sneaking into our trust and stealing our money 💸💥. How can we even trust open-source packages? It's like, what's next, having malware in our favorite video games or something 😱?! The fact that they used official dYdX accounts to upload the malicious code is just mind-blowing 🤯. We need to be super careful and check all our apps for any suspicious dependencies ASAP 💻. It's not just about dYdX, though - it's about keeping our online security tight in general 🛡️. Can't we just get a secure internet without all these risks? 🤷‍♀️
 
This recent attack on dYdX is a stark reminder of the importance of due diligence when it comes to third-party software 🤖. By infecting open-source packages and exploiting developer trust, the attackers were able to gain access to sensitive data and compromise wallet credentials. It's chilling to think that the malicious code was uploaded by official dYdX accounts, highlighting the potential for insider threats 🚨.

The fact that perpetually trading and targeting are hallmarks of this attack is particularly concerning, as it suggests that the attackers are using tactics that maximize their gains while minimizing their risk 💸. The researchers' warning to examine all apps for dependencies on the malicious packages listed above is spot on – it's a stark reminder that even seemingly trustworthy software can be vulnerable to exploitation.

The fact that dYdX has been targeted multiple times in recent years underscores the need for increased vigilance and security measures 🚫. As the cryptocurrency landscape continues to evolve, it's essential that developers and users remain vigilant and take proactive steps to protect themselves against such attacks 💪.
 
omg 🤯 this is so bad! i mean i know hackers are always trying new ways but this is just straight up scumbag 😒. how hard is it to tell if a package has been compromised? can't they use some kind of virus scan or something? and why do they have to target dYdX specifically? what's the appeal? 🤑
 
omg u guys can u believe this?! 🤯 dYdX is like my fave crypto exchange ever and they get hacked like 3 times already?! 😱 first it was a npm hack and then another one in sept last year and now this one with the malicious code being uploaded by their own accounts lol what r they even doing?! 🤑 i swear if u use dYdX u gotta check ur apps for these packages or u'll be toast 🤖💸
 
🚨💸 OMG, can't believe these hackers are at it again! So they managed to infect open-source packages and steal people's wallets... like, what's the point of having a wallet if you're gonna let scammers get in? 🤦‍♂️ The fact that they uploaded malicious code from official dYdX accounts is just wild - I mean, I know developers can be careless sometimes, but come on! 😳

Anyway, it's clear that perpetual trading and targeting are the hallmarks of this latest attack... basically, if you're using an app with one of these compromised packages, your wallet is toast. 🚫 Just think about how many people might have fallen victim to this scam... or will they? 🤔 I hope everyone who uses dYdX takes some time to check their apps for any suspicious dependencies - it's just common sense! 😊
 
Ugh, can't believe what's goin' on with cryptocurrency exchanges these days 🤯😩. I mean, I know we've been warned about hacking and phishing scams, but it's just gettin' more ridiculous by the minute. These hackers are like superheroes, but instead of save the world vibes, they're stealin' wallets left and right 💸💔.

And what really gets me is that it's not even some amateur hour shenanigan. It's like they're playin' a game of cat and mouse with the devs, knowin' exactly how to exploit vulnerabilities and get away scot-free. I mean, who thought it was a good idea to upload malicious code through official accounts? 🤦‍♂️

Anyway, I guess the moral of the story is that we gotta be more careful than ever when dealin' with third-party apps and libraries. Don't wanna end up like those poor souls who got scammed by dYdX's hackers 😱. Stay vigilant, folks! 👀
 
🚨 This is insane! I mean, who would think that open-source packages could be a vulnerability? It's like a superpower exploit, you know? Hackers just found a way to get inside through something we're supposed to trust, which is the beauty of it 🤯. And the fact that they even used official dYdX accounts is just mind-blowing 😲. What I'm worried about now is how many people are affected by this. Like, if someone's wallet got compromised because of a bot on their phone, they're gonna lose everything 💸. We need to be super careful with these updates and dependencies, you feel? It's like a cat-and-mouse game between hackers and developers, but I don't think we want to lose in this one 😅.
 
omg u guys gotta be so careful w/ ur wallets rn 😱 they're infecting open-source packages on npm & pypi and stealing ur seed phrases and device fingerprints lol what a clever move but also super shady 🤖 the fact that dYdX accounts were compromised and used by the attackers is wild 🚨 i'm all for devs using open-source stuff but u gotta vet it 1st, ya feel? 💻 any app using those compromised npm versions is like, totally at risk of being scammed 🤑 we need to stay vigilant and check our apps like crazy 👀
 
ugh, can't believe another exchange got hit 🤯... like, what even is the point of having open-source if you're just gonna infect it with malware?! 💻 these hackers are straight up pros, I'll give 'em that, but still... how many wallets gotta get stolen before people take action?! 💸 and the worst part is, it's not just dYdX, like, other exchanges can learn from this and get hit too 🚨. seriously though, what's wrong with these devs? Can't they see when someone's trying to pull a fast one on them?! 😡
 
🤕 u gotta be kidding me! how do ppl manage 2 get so lucky w/ these hacks? infecting open-source packages & exploiting devs trust? that's low even 4 a pro hacker like that 🙄

i mean, i get it, crypto exchanges r a target b/c they deal w/ sensitive info. but c'mon, can't ppl just use a reputable compiler or something? and what's w/ the perpetual trading & targeting thingy? sounds like some kinda exploit fest 😒

anywayz, gotta give props 2 d researchers who figured out this attack & are warnin' ppl about it. hope people take heed & check their apps for any dodgy dependencies 🤔
 
I'M SO FREAKING ANNOYED ABOUT THIS!!! 🤯 these hackers are like total pros, but not in a good way 😬 they managed to infect open-source packages and steal people's wallets! can you even imagine?!? it's like they just walked into the most secure place ever and just took what they wanted 💸 and now the devs have to deal with all this stress and work to fix the problem 🤪

i mean, i get it, we're living in a world where hacking is a thing and we need to be careful, but come on! 🙄 can't these hackers just take their hacking skills to somewhere else?!? 🚫 it's just so frustrating when this stuff happens because i've got friends who use dYdX and the thought of them getting scammed is just awful 😕

anyway, the researchers are saying that everyone using those compromised npm versions is at risk, which makes me super worried 🤕 what if someone I know gets affected?!? i guess we just need to be more careful about what apps we download and make sure they're not infected 💻💸
 
omg, another cyber attack 🤯! its like, you cant even trust open-source packages anymore 🤦‍♂️. devs just upload stuff they dont even read or check, and then BAM! hackers exploit it 💸. dYdX gotta step up their game, this is gettin old 😒. i mean, perpetual trading and targeting? sounds like something out of a cyberpunk movie 🚀. wallet compromise, irreversible theft... just terrible 🤕. any app using those compromised npm versions is basically toast 💀. gotta be super careful now 👮‍♀️. dont wanna get pwned again 🤷‍♂️
 
OMG, this is soooo scary 🤯! Hackers are getting super sneaky and exploiting trust with open-source packages. The fact that dYdX devs were compromised and uploaded malicious code themselves is just mind-blowing 😱. It's like they turned their own home against each other 🔒.

I'm so worried about all the ppl using those apps with the infected packages 📊. Wallets could be completely compromised and cryptocurrency stolen 💸. The worst part is that it's not just dYdX, but also any app relying on those versions 🤔.

Can we please make devs more careful when publishing packages? It's like, we know how bad hackers are getting 🤫, so let's keep our guard up and double-check everything.
 