dYdX v4-client npm + PyPI compromise (wallet stealer + RAT)
Maintainer credentials for the dYdX decentralized exchange were compromised; malicious versions of the official v4 client were pushed to npm and PyPI in a coordinated release. The npm payload exfiltrates wallet seed phrases through a malicious createRegistry() function. The PyPI variant additionally drops a Python RAT executed on import.
- Detected by
- Socket
- Ecosystems
- npmPyPI
- Packages tracked
- 2
What happened
On January 27, 2026, maintainer credentials for the official dYdX v4 client libraries were compromised. The attacker pushed coordinated malicious releases to both npm (@dydxprotocol/v4-client-js) and PyPI (dydx-v4-client) within a short window — the kind of cross-ecosystem timing that only works if the attacker is sitting on real publishing rights, not running a typosquat.
The npm payload is centred on a malicious createRegistry() helper that hooks the wallet flow and exfiltrates any seed phrase passed through dYdX SDK calls. The PyPI variant carries the same wallet-stealing logic plus a Python RAT triggered at import time, so simply running pip install on a dependency tree that resolves the bad version is enough.
Obfuscation density on both payloads is significantly higher than typical typosquat malware, which matches the publishing-account-takeover hypothesis. Socket linked the deobfuscated control flow back to the same operator infrastructure observed in earlier 2025 wallet-drainer campaigns.
If you maintain a downstream dYdX integration, treat any host that built against the malicious versions as compromised for crypto assets: transfer funds from a clean device first, then rotate API keys handled on that workstation.
Affected packages (2)
- npm
@dydxprotocol/v4-client-js1.0.311.15.21.22.13.4.1 - PyPI
dydx-v4-client1.1.5.post11.1.5post1
Impact
- Cryptocurrency wallet seed-phrase theft from any downstream dYdX integrator
- Remote command execution on Python hosts importing the package
- High-iteration obfuscation suggests publishing-infrastructure access, not typosquat
What to do
- 1Isolate any machine that installed the malicious versions; transfer crypto from a clean device
- 2Rotate API keys and credentials handled on the affected developer workstation
- 3Reinstall only from versions verified against the official dYdX GitHub repository