HomeTechnologyMalicious packages for dYdX cryptocurrency exchange empties user wallets

Malicious packages for dYdX cryptocurrency exchange empties user wallets

TechnologyFebruary 7, 2026
1 min read
Malicious packages for dYdX cryptocurrency exchange empties user wallets
Incident is at least the third time the exchange has been targeted by thieves.
Reading Settings

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX developers and backend systems and, in some cases, backdoored devices, researchers said.

“Every application using the compromised npm versions is at risk ….” the researchers, from security firm Socket, said Friday. “Direct impact includes complete wallet compromise and irreversible cryptocurrency theft. The attack scope includes all applications depending on the compromised versions and both developers testing with real credentials and production end-users."

Packages that were infected were:

Read full article

Comments

Source: Ars Technica

Share this article

Related Articles

The $400 million machine powering the future of chipmaking
Jun 231 hour ago

The $400 million machine powering the future of chipmaking

Jos Benschop is climbing a ladder to get to the top of his newest machine.  It’s a bit of a schlep. The contraption is the size of a double-decker bus—more than 150 tons of gleaming precision-mil

technologyreview.com27 min read
Read More
Elephant alert! AI warning systems aim to avoid deadly clashes
Jun 231 hour ago

Elephant alert! AI warning systems aim to avoid deadly clashes

India is home to about 60% of the world’s wild Asian elephants, and around 80% of the animals’ habitat lies outside protected areas, according to the Ministry of Environment, Forest, and Climate Chang

technologyreview.com2 min read
Read More