Skip to main content
BTC / USDTCRYPTO107,400+2.19%ETH / USDTCRYPTO3,840+2.13%SOL / USDTCRYPTO182.40−1.99%BNB / USDTCRYPTO652.30+0.66%XRP / USDTCRYPTO2.2150+1.61%DOGE / USDTCRYPTO0.3850−1.79%TON / USDTCRYPTO5.240+2.34%AVAX / USDTCRYPTO42.60−2.07%LINK / USDTCRYPTO22.40+2.28%ADA / USDTCRYPTO1.0520−1.68%TRX / USDTCRYPTO0.3300+0.92%DOT / USDTCRYPTO8.420+2.93%BTC / USDTCRYPTO107,400+2.19%ETH / USDTCRYPTO3,840+2.13%SOL / USDTCRYPTO182.40−1.99%BNB / USDTCRYPTO652.30+0.66%XRP / USDTCRYPTO2.2150+1.61%DOGE / USDTCRYPTO0.3850−1.79%TON / USDTCRYPTO5.240+2.34%AVAX / USDTCRYPTO42.60−2.07%LINK / USDTCRYPTO22.40+2.28%ADA / USDTCRYPTO1.0520−1.68%TRX / USDTCRYPTO0.3300+0.92%DOT / USDTCRYPTO8.420+2.93%
Fiyatlandırma
cryptoJul 10, 2026, 12:36 PM

Malicious Injective SDK Version Found on npm Steals Wallet Keys

Socket discovered a malicious version (1.20.21) of the Injective SDK on npm that steals seed phrases and private keys. At least 300 downloads were recorded.

INJUSD

Security firm Socket has identified a malicious version of the Injective SDK in the npm registry. Package version 1.20.21 was designed to intercept wallet seed phrases and private keys, then exfiltrate them via a fake telemetry endpoint disguised as an Injective server.

According to Socket, the malicious package was downloaded at least 300 times. The same rogue release was also found in 17 other Injective Labs packages. Researchers recommend treating any keys or seed phrases that passed through the affected packages as compromised.

Source: ForkLog