THREAT OPS › Threat News › Not-so-anonymous telemetry: The @injectivelabs/sdk-ts backdoor
Not-so-anonymous telemetry: The @injectivelabs/sdk-ts backdoor
A malicious commit disguised as SDK telemetry briefly compromised @injectivelabs/sdk-ts, exfiltrating wallet mnemonics and private keys.
MITRE ATT&CK techniques
- Private KeysT1552.004