Injective npm Package Backdoor Targeted Wallet Keys Before Clean Release


Hackers pushed a malicious version of Injective’s TypeScript SDK to npm in a supply-chain attack designed to steal wallet recovery phrases and private keys from developer environments.

The compromised release, @injectivelabs/[email protected], added code that captured mnemonics and raw private keys when applications created or loaded wallets. The payload was disguised as a telemetry helper and sent stolen secrets to an attacker-controlled endpoint shaped to look like Injective network infrastructure.

The attack reached 18 packages across the @injectivelabs npm scope. Only the SDK package carried the stealer directly, while 17 related packages were republished with dependency pins that forced projects to pull the poisoned SDK transitively.

The malicious release was downloaded 310 times before removal and replacement. A clean version, 1.20.23, was published within about an hour of the compromise window.

Payload Hid Inside Normal Wallet Flows

The backdoor did not rely on a postinstall script. It sat inside bundled SDK output and activated at runtime when wallet key-derivation functions were called. That made the package harder to catch with scanners focused only on install-time execution.

The injected code hooked into PrivateKey.fromMnemonic and PrivateKey.fromHex, capturing a full seed phrase or raw private key before normal derivation continued. Stolen data moved through the X-Request-Id header of a request using a gRPC-web content type, reducing the chance that the traffic would stand out inside an Injective application.

Injective’s TypeScript repository describes injective-ts as a monorepo of packages used to interact with Injective from Node.js and browser environments, including abstractions for core data structures, serialization, key management and API request generation.

Developers Told To Rotate Secrets

Projects that installed version 1.20.21 of any affected @injectivelabs package need to treat wallet secrets handled during that window as exposed. Updating the dependency is not enough if a mnemonic, private key or seed phrase already passed through the compromised code.

The cleanup path is direct: update to clean packages, inspect lockfiles and caches, check dependency trees, move funds from affected wallets, revoke exposed keys and regenerate seed phrases where possible. Developers should also search build logs and runtime telemetry for outbound requests to testnet.archival.chain.grpc-web.injective.network.

The incident adds another crypto-specific package compromise to a run of developer-side attacks. TrapDoor recently used malicious npm, PyPI and Crates.io packages to target wallet data, SSH keys and cloud credentials across Aptos, Sui and Solana environments.