Signal

TrapDoor malware campaign targets crypto developer environments including Solana and Aptos

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-05-25 06:25 UTCUpdated 2026-05-25 11:43 UTC

redditrsstelegram

cryptosecuritymalwaresupply_chain_attackdeveloper_toolsdefi

Trend in the last 24h

Source links open

Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.

Back Evidence (4)Get the free brief by email Start free trial

No card needed for the free brief.

Evidence trail (top sources)

top sources (1 domains)

1 top source shown

New 'TrapDoor' Virus Steals Crypto Wallets: Solana, DeFi, AI Developers Under Threat

U.Today · News · u.today · 2026-05-25 11:43 UTC

limited source diversity in top sources

View all evidence

Overview

A coordinated malware campaign named 'TrapDoor' is targeting crypto developers by injecting malicious code into popular AI coding assistants and developer tools.

Entities

SlowMistSocketSolanaAptosSui

Score total

1.8

Momentum 24h

Posts

Origins

Source types

Duplicate ratio

Why now

The campaign is currently active and has been recently detected by multiple security firms.
Developers using AI coding assistants and popular tools are at immediate risk.
Prompt action can mitigate damage and prevent further wallet thefts.

Why it matters

Supply chain attacks on developer tools can compromise entire crypto ecosystems.
TrapDoor targets major blockchain projects, risking widespread theft of private keys.
Awareness and security measures are critical to protect crypto assets and developer environments.

LLM analysis

Topic mix: lowPromo risk: lowSource quality: medium

Recurring claims

TrapDoor malware campaign targets crypto developer environments including Solana, Aptos, and Sui to steal private keys and crypto assets

How sources frame it

Cointelegraph: neutral
The Block: neutral
U.Today: neutral

All evidence

New 'TrapDoor' Virus Steals Crypto Wallets: Solana, DeFi, AI Developers Under Threat

U.Today · u.today · 2026-05-25 11:43 UTC

Researchers flag TrapDoor malware campaign targeting crypto developer environments including Aptos, Sui and Solana

the_block_crypto · theblock.co · 2026-05-25 09:52 UTC

TrapDoor Malware Targets Crypto Developer Tools in Supply Chain Attack

CryptoCurrency · cointelegraph.com · 2026-05-25 08:31 UTC

Show filters & breakdown

Posts loaded: 0Publishers: 3Origin domains: 3Duplicates: -

Platform

Publisher

Origin domain

Relevance tier

Duplicates only

Showing 3 / 0

Top publishers (this list)

U.Today (1)
the_block_crypto (1)
CryptoCurrency (1)

Top origin domains (this list)

u.today (1)
theblock.co (1)
cointelegraph.com (1)