Software Supply Chain Attack Targets Injective Labs SDK, Stealing Crypto Wallet Keys
A sophisticated software supply chain attack has compromised the **Injective Labs SDK** project, leading to the publication of a malicious package on the npm registry. Threat actors leveraged a trusted developer's GitHub account to inject malware designed to exfiltrate cryptocurrency wallet private keys and mnemonic seed phrases from unsuspecting users.
Unknown threat actors have successfully compromised the **Injective Labs SDK** project's GitHub repository. This breach was then exploited to publish a malicious package on the **npm** registry, specifically targeting cryptocurrency wallet private keys and mnemonic seed phrases.

### Malicious Package Details
The compromised version, **@injectivelabs/[email protected]**, was released on July 8, 2026. It contained embedded fake telemetry functionality designed to exfiltrate sensitive data from cryptocurrency wallets. While the malicious package has been addressed, its release artifacts remain available for download on GitHub as of this writing.
Software supply chain security firm **Socket** reported that the malicious functionality was introduced through commits submitted by a GitHub account belonging to a developer with an established history of contributions to the repository.
### Widespread Impact
The threat actor also published version 1.20.21 across 17 additional **@injectivelabs** scoped packages. These packages depended on and pinned the malicious SDK version, thereby exposing transitive users who may not have directly installed the compromised library. Affected packages include:
* **@injectivelabs/utils**
* **@injectivelabs/networks**
* **@injectivelabs/ts-types**
* **@injectivelabs/exceptions**
* **@injectivelabs/wallet-base**
* **@injectivelabs/wallet-core**
* **@injectivelabs/wallet-cosmos**
* **@injectivelabs/wallet-private-key**
* **@injectivelabs/wallet-evm**
* **@injectivelabs/wallet-trezor**
* **@injectivelabs/wallet-cosmostation**
* **@injectivelabs/wallet-ledger**
* **@injectivelabs/wallet-wallet-connect**
* **@injectivelabs/wallet-magic**
* **@injectivelabs/wallet-strategy**
* **@injectivelabs/wallet-turnkey**
* **@injectivelabs/wallet-cosmos-strategy**
### Stealthy Exfiltration Mechanism
The malware within the package is designed to activate when legitimate library functionality is used by an unsuspecting developer. By avoiding lifecycle scripts and not launching during the installation phase, the malware successfully evades immediate detection.
Specifically, the poisoned version modifies legitimate functions used in workflows to generate private keys. It invokes a `trackKeyDerivation()` function under the guise of collecting anonymized usage metrics for SDK optimization.

The description for this supposed telemetry function claims it "Tracks which key derivation methods are used (hex vs mnemonic) and derives timing patterns to help the SDK team identify performance bottlenecks and understand adoption of different key formats across the ecosystem." It further states, "All metrics are fire-and-forget and never block or affect key derivation."
However, **Socket** revealed that parameters passed to this function include a hard-coded marker describing the key derivation method and the actual sensitive information required for private key generation. This captured material is sufficient for the threat actor to regenerate the private key.
**OX Security** elaborated, stating, "The malware adds crypto wallet stealing logic to a crypto wallet package, every time a legitimate user creates or uses the logic that reads mnemonic phrases β which are basically the master key for any crypto wallet, the malware reads them and sends them to the remote server."
To minimize outbound requests, the exfiltration mechanism, as noted by **StepSecurity**, appends multiple key derivations over a two-second window into a single queue. These are then sent in a single HTTPS POST request to an external server: `testnet.archival.chain.grpc-web.injective[.]network`.
**StepSecurity** also highlighted that the malicious release was facilitated through the repository's own trusted-publisher (**OIDC**) pipeline. The malicious commits were authored and pushed under the identity of an existing, trusted maintainer, **thomasRalee**.
### Recommendations for Users
Users who have installed the malicious version are strongly advised to:
* Update to the newly published, clean version of the package (**1.20.23**).
* Treat any private key or mnemonic phrase passed through the package as compromised and rotate them immediately.
* Check for and address any transitive dependencies that may have incorporated the malicious package.