Compromised Injective SDK sends wallet keys through fake telemetry
The post Compromised Injective SDK sends wallet keys through fake telemetry appeared on BitcoinEthereumNews.com. A malicious update to an Injective developer package has exposed private keys and seed phrases after being downloaded more than 300 times, Socket has found. Summary Socket found that a compromised Injective npm package copied private keys and seed phrases through fake telemetry. The malicious version was downloaded more than 300 times and spread through 17 related Injective Labs packages. CertiK reported that wallet compromises caused $444 million in losses during the first half of 2026. According to security firm Socket, version 1.20.21 of the @injectivelabs/sdk-ts npm package, which has about 50,000 weekly downloads, was altered after a developer’s GitHub account was compromised. Suspicious commits began on June 8, and the malicious release was later pinned across 17 other packages under the Injective Labs npm scope. The security firm said the code intercepted wallet key-g