Executive Summary

A critical supply chain attack has compromised the official dYdX client libraries distributed via both the npm and PyPI package repositories. Malicious actors leveraged access to legitimate developer accounts to publish trojanized versions of these packages, which deliver advanced wallet-stealing malware and a Python-based Remote Access Trojan (RAT). The attack specifically targets developers and backend systems integrating with the dYdX decentralized exchange, resulting in the theft of wallet credentials and, in some cases, full system compromise. This incident represents a significant escalation in the targeting of the cryptocurrency ecosystem via software supply chain vectors, and is the third major supply chain incident involving dYdX in recent years. Immediate action is required to identify, contain, and remediate affected systems.

Threat Actor Profile

The threat actor behind this campaign demonstrated a high degree of sophistication and operational security. By compromising legitimate dYdX developer accounts on both npm and PyPI, the attacker was able to publish malicious updates that appeared authentic and trustworthy. The cross-ecosystem targeting, advanced obfuscation techniques, and the deployment of both credential-stealing and remote access capabilities suggest a well-resourced adversary with a deep understanding of the cryptocurrency and open-source software supply chain landscape. No public attribution to a specific Advanced Persistent Threat (APT) group has been made as of this report, but the actor’s tactics, techniques, and procedures (TTPs) align with those seen in previous high-profile supply chain attacks.

Technical Analysis of Malware/TTPs

The attack vector began with the compromise of legitimate dYdX developer credentials, granting the attacker the ability to publish new versions of the @dydxprotocol/v4-client-js package on npm and the dydx-v4-client package on PyPI. The malicious npm versions include 3.4.1, 1.22.1, 1.15.2, and 1.0.31, while the affected PyPI version is 1.1.5post1.

The npm payload injects a wallet stealer that exfiltrates wallet seed phrases and device fingerprints to the attacker-controlled domain dydx[.]priceoracle[.]site. Device fingerprinting enables the attacker to correlate credentials across multiple victims and potentially bypass basic anti-fraud mechanisms.

The PyPI package is even more insidious, containing both the wallet stealer and a Python-based RAT. The RAT operates as a background daemon thread, beaconing to the command-and-control (C2) server at dydx[.]priceoracle[.]site/py every 10 seconds. It is capable of receiving and executing arbitrary Python code in a subprocess, with no visible output to the user. The RAT uses a hardcoded authorization token (490CD9DAD3FAE1F59521C27A96B32F5D677DD41BF1F706A0BF85E69CA6EBFE75) to authenticate with the C2 infrastructure.

The RAT’s capabilities include stealing SSH keys, API credentials, and source code; installing persistent backdoors; exfiltrating files; monitoring user activity; modifying files; and pivoting to other systems within the network. The malicious code is heavily obfuscated, with the PyPI version employing 100 iterations of obfuscation to hinder analysis. The malware is inserted into core registry files such as registry.ts, registry.js, and account.py. On Windows systems, the malware uses the CREATE_NO_WINDOW flag to execute without displaying a console window, further reducing the likelihood of detection.

The C2 infrastructure is hosted on the domain dydx[.]priceoracle[.]site, registered on January 9, 2026. All exfiltrated data and C2 communications are funneled through this domain.

Exploitation in the Wild

The attack has been observed targeting developers and backend systems that integrate dYdX libraries, particularly those that use real wallet credentials in development or production environments. The impact includes complete wallet compromise, irreversible cryptocurrency theft, and, in the case of the PyPI package, potential full system compromise via remote code execution. All applications and systems that depend on the compromised package versions are at risk, regardless of whether they are in development or production. There is evidence that the attacker’s infrastructure has received exfiltrated credentials and that funds have been drained from affected wallets.

Victimology and Targeting

The primary victims are organizations and individuals who have integrated the affected dYdX packages into their software stacks. This includes cryptocurrency exchanges, DeFi platforms, trading bots, and backend services that interact with the dYdX protocol. The attack is particularly effective against environments where wallet credentials are stored or processed, such as CI/CD pipelines, development machines, and production servers. The use of device fingerprinting suggests the attacker is interested in high-value targets and may attempt to correlate multiple compromised accounts or systems. There is no evidence to suggest that end-users of the dYdX exchange who do not interact with the affected packages are directly at risk.

Mitigation and Countermeasures

Immediate steps must be taken to contain and remediate this threat. Organizations should isolate and reimage any machines that have installed the affected package versions. All wallet funds should be moved to new wallets generated on clean, uncompromised systems. API keys, credentials, and secrets that may have been exposed must be rotated without delay. A comprehensive audit of all dependencies should be conducted to identify the presence of the malicious package versions. Only the specific malicious versions need to be removed; unaffected versions and those hosted in the official dYdX GitHub repository are not compromised. Organizations should implement strict controls around package installation, such as using lockfiles, verifying package signatures, and sourcing packages only from trusted repositories. Enhanced monitoring for connections to dydx[.]priceoracle[.]site and similar domains should be deployed across all environments.

References

The Hacker News, Ars Technica, Socket.dev Blog, dYdX Official X/Twitter, LinkedIn Alert, Reddit Discussion, MITRE ATT&CK T1195.002, MITRE ATT&CK T1555, MITRE ATT&CK T1059.006, MITRE ATT&CK T1071.001, MITRE ATT&CK T1105

About Rescana

Rescana is a leader in third-party risk management (TPRM), providing organizations with a comprehensive platform to continuously monitor, assess, and mitigate cyber risks across their entire supply chain. Our advanced threat intelligence and automation capabilities empower security teams to proactively identify and respond to emerging threats, ensuring the resilience of your digital ecosystem. For questions or further assistance, we are happy to help at ops@rescana.com.