Full Report
A malicious version of the @injectivelabs/sdk-ts npm package (version 1.20.21) was briefly published to the official Injective Labs npm namespace after a contributor account was compromised. The package contained credential-stealing functionality that silently exfiltrated cryp...
Analysis Summary
# Incident Report: Compromised Injective SDK npm Package Exfiltrates Cryptocurrency Wallet Keys
## Executive Summary
A malicious version (1.20.21) of the `@injectivelabs/sdk-ts` npm package was published to the official Injective Labs namespace following the compromise of a contributor’s account. The package featured highly targeted credential-stealing logic that exfiltrated wallet private keys and mnemonic phrases to a legitimate-looking endpoint. While the malicious version was live for only approximately one hour, several downstream packages were also updated to include the malicious dependency, affecting approximately 310 downloads.
## Incident Details
- **Discovery Date:** July 9, 2026
- **Incident Date:** July 9, 2026
- **Affected Organization:** Injective Labs
- **Sector:** Decentralized Finance (DeFi) / Blockchain Technology
- **Geography:** Global
## Timeline of Events
### Initial Access
- **Date/Time:** July 9, 2026
- **Vector:** Maintainer Account Compromise
- **Details:** An unauthorized actor gained access to a contributor's npm account, allowing them to publish updates to the official `@injectivelabs` namespace.
### Lateral Movement
- **Details:** The attacker utilized their access to update 17 additional packages within the `@injectivelabs` namespace to version 1.20.21, pinning them to the malicious SDK version to maximize the blast radius through transitive dependencies.
### Data Exfiltration/Impact
- **Details:** The malicious code intercepted wallet mnemonic phrases and private keys via the `fromMnemonic` and `fromHex` functions. Stolen credentials were Base64-encoded and sent to a public infrastructure endpoint.
### Detection & Response
- **How it was discovered:** Rapid detection (likely through automated monitoring or community reporting) within one hour of publication.
- **Response actions taken:** The malicious version was deprecated and replaced with a clean version.
## Attack Methodology
- **Initial Access:** Valid account abuse (npm maintainer account compromise).
- **Persistence:** Not applicable; the attack relied on the ephemeral window of a malicious package release.
- **Privilege Escalation:** Not applicable.
- **Defense Evasion:** Logic did not run during `postinstall`, but only during legitimate function calls; traffic was routed to a legitimate-looking Injective-owned endpoint (`testnet.archival.chain.grpc-web.injective.network`) to blend with normal API traffic.
- **Credential Access:** Hooking specific SDK functions (`fromMnemonic`, `fromHex`) to capture secrets in plaintext.
- **Discovery:** Not applicable.
- **Lateral Movement:** Dependency-based propagation (infecting 17 related packages).
- **Collection:** Interception of mnemonic phrases and private keys.
- **Exfiltration:** HTTPS POST requests using Base64 encoding.
- **Impact:** Direct theft of cryptocurrency wallet credentials.
## Impact Assessment
- **Financial:** High potential loss for users who utilized the specific package version to manage wallets; total stolen funds undisclosed.
- **Data Breach:** Compromise of cryptographic keys/mnemonics (310 downloads).
- **Operational:** Maintenance overhead to rotate keys and update all downstream dependencies.
- **Reputational:** Decreased trust in official SDKs and supply chain security for Injective Labs.
## Indicators of Compromise
- **Network Indicators:**
- `https[:]//testnet.archival.chain.grpc-web.injective.network` (Abused for exfiltration)
- **File Indicators:**
- npm package: `@injectivelabs/[email protected]`
- Modified functions: `fromMnemonic`, `fromHex`
- **Behavioral Indicators:**
- Unusual HTTPS POST traffic originating from the SDK to a testnet archival endpoint containing Base64-encoded payloads during wallet generation.
## Response Actions
- **Containment measures:** Deprecated the malicious package version.
- **Eradication steps:** Released clean versions of the SDK and all 17 affected downstream packages.
- **Recovery actions:** Advised users to avoid version 1.20.21 and audit any wallets interfaced with the library during the window of compromise.
## Lessons Learned
- **Timing of Payload:** Attackers are shifting away from noisy `install` scripts to "lazy" execution—triggering logic only when specific functions are called—to bypass automated sandbox analysis.
- **Scope of Damage:** A single account compromise can facilitate the poisoning of an entire ecosystem of related packages.
- **Evasion via legitimate infrastructure:** Using official-looking subdomains for exfiltration is an effective way to bypass simple DNS/IP blacklisting.
## Recommendations
- **Enforce MFA:** Mandatory Multi-Factor Authentication (MFA) for all npm contributors and GitHub organizations.
- **Code Signing:** Implement verifiable code signing for all published assets to ensure provenance.
- **Dependency Pinning & Auditing:** Use `package-lock.json` and automated tools (e.g., Socket, Snyk) to detect suspicious code changes in package updates.
- **Secret Management:** Developers should utilize local environment variables or hardware security modules (HSMs) rather than passing mnemonics directly through library functions where possible.