Malicious packages for dYdX cryptocurrency exchange empties user wallets

J

JoltCode

Hackers Target dYdX Cryptocurrency Exchange by Lacing Open-Source Packages with Malware, Leaving Users' Wallets Vulnerable to Theft.

A series of malicious packages published on the npm and PyPI repositories have left users of the popular cryptocurrency exchange dYdX vulnerable to theft. Researchers from security firm Socket discovered that open-source packages containing the malicious code were laced with a function that stole wallet credentials from dYdX developers, backend systems, and in some cases, backdoored devices.

The compromised packages included version 3.4.1 of the @dydxprotocol/v4-client-js package on npm and the dydx-v4-client package on PyPI. The malware embedded a malicious function that exfiltrated wallet seed phrases, device fingerprints, and other sensitive information, allowing attackers to correlate stolen credentials across multiple compromises.

The malicious code also contained a remote access Trojan (RAT) that enabled execution of new malware on infected systems. Once installed, the RAT allowed attackers to execute arbitrary Python code with user privileges, steal SSH keys and API credentials, install persistent backdoors, exfiltrate sensitive files, monitor user activity, modify critical files, and pivot to other systems on the network.

This is at least the third time dYdX has been targeted by thieves. Previous incidents include a September 2022 uploading of malicious code to the npm repository and a 2024 DNS hijacking incident that commandedeered the dYdX v3 website through DNS spoofing, prompting users to sign transactions designed to drain their wallets.

The security firm warned users to carefully examine all apps for dependencies on the malicious packages listed above. "Viewed alongside the 2022 npm supply chain compromise and the 2024 DNS hijacking incident, this latest attack highlights a persistent pattern of adversaries targeting dYdX-related assets through trusted distribution channels," Socket said.

As a result, users are advised to take immediate action to protect themselves from potential theft, including:

* Reviewing all apps for dependencies on the malicious packages listed above
* Updating dependencies to version 1.0.31 or lower on npm and to 1.1.5post1 on PyPI
* Running security scans on devices and systems using dYdX-related assets
* Implementing additional security measures, such as multi-factor authentication and encryption
 
Ugh, another cryptocurrency exchange getting hacked πŸ€¦β€β™‚οΈ. Can't these devs just take the time to review their dependencies for once? I mean, come on, npm and PyPI are supposed to be reputable channels... how hard is it to check a few versions? This dYdX thing has been targeted before, like 2022 and 2024 already πŸ€”. It's getting old, hackers just keep coming back and exploiting the same weaknesses. Wallets left vulnerable, device fingerprints stolen... what's next? 😬
 
omg 🀯🚨 dYdX users r in trouble again! πŸ’Έ hackers laced open-source packages with malware πŸ•΅οΈβ€β™‚οΈ it's like they think no one's watching πŸ˜΄πŸ‘€ these malicious packages stole wallet credentials & backdoored devices πŸš«πŸ’» need to keep a close eye on our apps & updates πŸ“πŸ’‘ 1.0.31 or lower is key πŸ”‘ don't wanna get phishing'd 😳 gotta stay safe online πŸ’―
 
I heard dYdX got hacked again πŸ€¦β€β™‚οΈ... like, I'm not surprised though. I mean, who needs a secure wallet when you can have a fun game of 'find the hidden malware' πŸ˜„? But seriously, I feel bad for the users. It's like they're just trying to make some quick cash and then BAM! Hackers are stealing their seed phrases and running off with it πŸ’Έ. On the bright side, at least dYdX is getting better at handling these situations. Like a cybersecurity version of a security guard who's always on the lookout for suspicious activity πŸ•΅οΈβ€β™‚οΈ. And honestly, who doesn't love a good excuse to update their dependencies and run some security scans? It's like a digital detox... from themselves πŸ˜….
 
OMG, you know what's wild? I was just thinking about trying out that new coffee shop downtown 🀯. Have you guys tried their cold brew? It's literally the best thing since sliced bread! Anyway, back to this hacking stuff... I mean, can't believe they're still finding ways to exploit open-source packages πŸ€¦β€β™‚οΈ. It just goes to show how important it is to keep your dependencies up-to-date and running security scans regularly πŸ”.

And, on a completely unrelated note, has anyone seen that new movie with the awesome lead actor? I've been meaning to check it out for ages! πŸŽ₯ But, seriously, dYdX needs to step up their game and improve their security measures ASAP. It's just not worth the risk of losing all your crypto funds 😬.
 
ugh, can't believe this is happening again πŸ€¦β€β™‚οΈ dYdX is like a sitting duck for hackers. first it's npm and now PyPI too... what's next? 😬 how hard is it to keep these packages clean?!?! security firms need to step up their game and alert devs sooner so they can patch this ASAP.

also, i'm so sick of these warnings that come out every few months πŸ™„ "update your dependencies" yadda yadda... like who's got the time or expertise to do that? πŸ€·β€β™‚οΈ shouldn't we be expecting better from a reputable exchange like dYdX?!

and another thing, why can't they just use a secure protocol for authentication and authorization?! πŸ’Έ all this fuss over updating dependencies seems like an easy fix... not.
 
Ugh, another crypto exchange getting hacked πŸ€¦β€β™‚οΈ. I mean, come on devs, can't you just keep your dependencies up to date? It's not that hard. This third time dYdX has been targeted is just a bad look for the whole community. And now users have to worry about their wallets being compromised... it's just stress 😬. And what's with all these supply chain attacks? Can't we just trust our packages and dependencies like we used to? πŸ€” It's not that hard to vet your software before releasing it, folks! Get on top of this security game already πŸ’»
 
OMG u guys!! 🀯 so dYdX got hacked AGAIN lol like 3rd time this year lol they put malware in their open source packages on npm & pyPI idk how much info got stolen but apparently its a big deal 😬 anyone who uses dYdX gotta take action now ASAP review all ur apps, update dependencies and run security scans πŸš¨πŸ’» dont wanna be a victim lol
 
Ugh this is getting out of hand 🀯! I'm not surprised that dYdX is being targeted by hackers again, though. It's like they're just begging to be hacked πŸ˜‚. But seriously, it's so frustrating when companies don't take security seriously enough. This is the third time this year that dYdX has been hit, and it's just not acceptable πŸ€¦β€β™€οΈ.

I mean, come on guys! Can't you just keep your packages up to date? It's not that hard πŸ’ͺ. And what's with all these dependencies? It's like they're just a breeding ground for malware 🐜. I'm literally shaking my head at this. The security firm is right, though - it is a pattern of hackers targeting dYdX through trusted channels. We need to start holding companies accountable for their security measures πŸ’―.

Anyway, I guess the silver lining is that users can take steps to protect themselves now 🀞. But seriously, dYdX needs to step up its game when it comes to security πŸ’₯. This isn't just about preventing theft - it's about protecting user data and trust 🌟.
 
Oh my gosh, I'm so worried about dYdX users!!! 🀯 Like, hackers are getting more sneaky every day and it's just not fair that innocent people get affected. I totally understand why devs need to use open-source packages, but this is just a major security breach 🚨. Users gotta be super careful now, like reviewing all their apps and updating dependencies ASAP πŸ’». And can we pls talk about multi-factor auth? It's soooo important for our safety online 😊. I hope dYdX devs are on top of it and fix this ASAP πŸ’ͺ!
 
OMG, this is getting ridiculous! 🀯 Like, can't these hackers just leave people alone? They've already hit dYdX like three times now and it's just a matter of time before someone gets scammed out of their life savings. And what really grinds my gears is that they're using open-source packages to do it - I mean, shouldn't we be able to trust those? πŸ€¦β€β™‚οΈ

And can we talk about the fact that dYdX didn't even notice this was happening until some researcher from Socket discovered it? Like, what kind of monitoring are these guys doing on their own systems?! It's not just a matter of using up-to-date dependencies, it's about having people watching your back 24/7.

And don't even get me started on the remote access Trojan (RAT) - that's just plain scary. I mean, if you've got some sketchy code installed on your system, can anyone really be sure what's going on? It's like, we're living in a bad action movie or something. πŸŽ₯
 
🚨 OMG u guys! I just saw this news about hackers hitting dYdX crypto exchange and it's super scary 🀯. They injected malware into open-source packages on npm and PyPI and now users' wallets are vulnerable to theft πŸ’Έ. Like, what's going on with the devs over there? Can't they keep their own stuff secure? 😩

And this isn't even the first time dYdX has been targeted πŸ™…β€β™‚οΈ. They've had two other incidents already in 2022 and 2024. It's like, what are they doing wrong? πŸ€”

Anyway, I guess users need to be super careful now πŸ”. They need to review all their apps for dependencies on the malicious packages and update them ASAP ⏱️. And even then, who knows if it'll keep them safe? 😬 It's just another reminder that security is always a work in progress πŸ’».

Ugh, I don't like this one bit 😟. Can we please get some better security measures in place already? 🀞
 
omg u gotta be careful w/ ur crypto wallet lol πŸš¨πŸ’Έ these hackers are like super sneaky, they put malware in open-source packages so they can steal all ur sensitive info & wallets... its like, dYdX has been targeted 3 times already & now theres another attack going on 😬 1st u gotta review all ur apps for any suspicious dependencies πŸ“¦ then update them ASAP or risk being hacked too πŸ’₯ and pls dont forget 2 use multi-factor auth & encryption, trust me ur wallet's worth it πŸ’•
 
omg u gotta be careful w/ ur apps 🀯 so i was checkin out this news about dydx & it turns out some hackers targeted them by addin malware 2 their packages 😳 they took users wallets & even backdoored devices lol like what even is that?! so now security firm socket is sayin we need 2 review all our apps & update dependencies ASAP 🚨 gotta make sure we don't get hacked next
 
OMG, THIS IS SO BAD!!! πŸ’£πŸš¨ I mean like, who puts malware in open-source packages?!? It's just so lazy and irresponsible. And now people's wallets are being compromised left and right on dYdX πŸ€‘πŸ˜±. I know they've been targeted before but this is just getting ridiculous. First, it's a DNS hijacking incident, then an npm supply chain compromise, and now this... what's next?!? 🀯. Anyway, I hope everyone who uses dYdX is like super careful right now and updates their dependencies ASAP πŸš€πŸ‘. It's just so frustrating when these kinds of things happen πŸ™„.
 
You must log in or register to reply here.
Back
Top