Malicious packages for dYdX cryptocurrency exchange empties user wallets
February 18, 2026
•ArsTechnica•Moderate impact[key points]
Key points
- •Malicious open-source packages on npm and PyPI targeted dYdX cryptocurrency exchange users.
- •Compromised packages stole wallet credentials and backdoored devices.
- •Affected packages include specific versions of @dydxprotocol/v4-client-js on npm and dydx-v4-client on PyPI.
- •The malware exfiltrated seed phrases and device fingerprints, using typosquatting to mimic a legitimate dYdX service.
Impacted Jobs
View profile →
View profile →
Coming soon
Full job impact analysis
The premium watch subscription (detailed per-job impact, extended access) is coming soon. In the meantime, enjoy the key takeaways and highlighted roles on each article.