The Shai-Hulud Attack: How a Supply Chain Worm Stole $58M from Crypto Developers and Users
On Christmas Eve 2025, while most of the crypto world was on holiday, attackers pushed a malicious update to Trust Wallet's Chrome extension. Within 48 hours, $8.5 million vanished from 2,520 wallets. The seed phrases of thousands of users had been silently harvested, disguised as routine telemetry data. But this wasn't an isolated incident—it was the culmination of a supply chain attack that had been spreading through the crypto development ecosystem for weeks.
The Shai-Hulud campaign, named after the sandworms of Dune, represents the most aggressive npm supply chain attack of 2025. It compromised over 700 npm packages, infected 27,000 GitHub repositories, and exposed approximately 14,000 developer secrets across 487 organizations. The total damage: over $58 million in stolen cryptocurrency, making it one of the most costly developer-targeted attacks in crypto history.
The Anatomy of a Supply Chain Worm
Unlike typical malware that requires users to download malicious software, supply chain attacks poison the tools developers already trust. The Shai-Hulud campaign weaponized npm, the package manager that powers most JavaScript development—including nearly every crypto wallet, DeFi frontend, and Web3 application.
The attack began in September 2025 with the first wave, resulting in approximately $50 million in cryptocurrency theft. But it was "The Second Coming" in November that demonstrated the true sophistication of the operation. Between November 21-23, attackers compromised the development infrastructure of major projects including Zapier, ENS Domains, AsyncAPI, PostHog, Browserbase, and Postman.
The propagation mechanism was elegant and terrifying. When Shai-Hulud infects a legitimate npm package, it injects two malicious files—setup_bun.js and bun_environment.js—triggered by a preinstall script. Unlike traditional malware that activates after installation, this payload runs before installation completes and even when installation fails. By the time developers realize something is wrong, their credentials are already stolen.
The worm identifies other packages maintained by compromised developers, automatically injects malicious code, and publishes new compromised versions to the npm registry. This automated propagation allowed the malware to spread exponentially without direct attacker intervention.
From Developer Secrets to User Wallets
The connection between compromised npm packages and the Trust Wallet hack reveals how supply chain attacks cascade from developers to end users.
Trust Wallet's investigation revealed that their developer GitHub secrets were exposed during the November Shai-Hulud outbreak. This exposure gave attackers access to the browser extension source code and, critically, the Chrome Web Store API key. Armed with these credentials, attackers bypassed Trust Wallet's internal release process entirely.
On December 24, 2025, version 2.68 of the Trust Wallet Chrome extension appeared in the Chrome Web Store—published by attackers, not Trust Wallet developers. The malicious code was designed to iterate through all wallets stored in the extension and trigger a mnemonic phrase request for each wallet. Whether users authenticated with a password or biometrics, their seed phrases were silently exfiltrated to attacker-controlled servers, disguised as legitimate analytics data.
The stolen funds broke down as follows: approximately $3 million in Bitcoin, over $3 million in Ethereum, and smaller amounts in Solana and other tokens. Within days, the attackers began laundering funds through centralized exchanges—$3.3 million to ChangeNOW, $340,000 to FixedFloat, and $447,000 to KuCoin.
The Dead Man's Switch
Perhaps most disturbing is the Shai-Hulud malware's "dead man's switch" mechanism. If the worm cannot authenticate with GitHub or npm—if its propagation and exfiltration channels are severed—it will wipe all files in the user's home directory.
This destructive feature serves multiple purposes. It punishes detection attempts, creates chaos that masks the attackers' tracks, and provides leverage if defenders try to cut off command-and-control infrastructure. For developers who haven't maintained proper backups, a failed cleanup attempt could result in catastrophic data loss on top of credential theft.
The attackers also demonstrated psychological sophistication. When Trust Wallet announced the breach, the same attackers launched a phishing campaign exploiting the ensuing panic, creating fake Trust Wallet-branded websites asking users to enter their recovery seed phrases for "wallet verification." Some victims were compromised twice.
The Insider Question
Binance co-founder Changpeng Zhao (CZ) hinted that the Trust Wallet exploit was "most likely" carried out by an insider or someone with prior access to deployment permissions. Trust Wallet's own analysis suggests attackers may have gained control of developer devices or obtained deployment permissions before December 8, 2025.
Security researchers have noted patterns suggesting possible nation-state involvement. The timing—Christmas Eve—follows a common advanced persistent threat (APT) playbook: attack during holidays when security teams are understaffed. The technical sophistication and scale of the Shai-Hulud campaign, combined with the rapid laundering of funds, suggests resources beyond typical criminal operations.
Why Browser Extensions Are Uniquely Vulnerable
The Trust Wallet incident highlights a fundamental vulnerability in the crypto security model. Browser extensions operate with extraordinary privileges—they can read and modify web pages, access local storage, and in the case of crypto wallets, hold the keys to millions of dollars.
The attack surface is massive:
- Update mechanisms: Extensions auto-update, and a single compromised update reaches all users
- API key security: Chrome Web Store API keys, if leaked, allow anyone to publish updates
- Trust assumptions: Users assume updates from official stores are safe
- Holiday timing: Reduced security monitoring during holidays enables longer dwell time
This isn't the first browser extension attack on crypto users. Previous incidents include the GlassWorm campaign targeting VS Code extensions and the FoxyWallet Firefox extension fraud. But the Trust Wallet breach was the largest in dollar terms and demonstrated how supply chain compromises amplify the impact of extension attacks.
Binance's Response and the SAFU Precedent
Binance confirmed that affected Trust Wallet users would be fully reimbursed through its Secure Asset Fund for Users (SAFU). This fund, established after a 2018 exchange hack, holds a portion of trading fees in reserve specifically to cover user losses from security incidents.
The decision to reimburse sets an important precedent—and creates an interesting question about responsibility allocation. Trust Wallet was compromised through no direct fault of users who simply opened their wallets during the affected window. But the root cause was a supply chain attack that compromised developer infrastructure, which in turn was enabled by broader ecosystem vulnerabilities in npm.
Trust Wallet's immediate response included expiring all release APIs to block new version releases for two weeks, reporting the malicious exfiltration domain to its registrar (resulting in prompt suspension), and pushing a clean version 2.69. Users were advised to migrate funds to fresh wallets immediately if they had unlocked the extension between December 24-26.
Lessons for the Crypto Ecosystem
The Shai-Hulud campaign exposes systemic vulnerabilities that extend far beyond Trust Wallet:
For Developers
Pin dependencies explicitly. The preinstall script exploitation works because npm installs can run arbitrary code. Pinning to known clean versions prevents automatic updates from introducing compromised packages.
Treat secrets as compromised. Any project that pulled npm packages between November 21 and December 2025 should assume credential exposure. This means revoking and regenerating npm tokens, GitHub PATs, SSH keys, and cloud provider credentials.
Implement proper secret management. API keys for critical infrastructure like app store publishing should never be stored in version control, even in private repositories. Use hardware security modules or dedicated secret management services.
Enforce phishing-resistant MFA. Standard two-factor authentication can be bypassed by sophisticated attackers. Hardware keys like YubiKeys provide stronger protection for developer and CI/CD accounts.
For Users
Diversify wallet infrastructure. Don't keep all funds in browser extensions. Hardware wallets provide isolation from software vulnerabilities—they can sign transactions without ever exposing seed phrases to potentially compromised browsers.
Assume updates can be malicious. The auto-update model that makes software convenient also makes it vulnerable. Consider disabling auto-updates for security-critical extensions and manually verifying new versions.
Monitor wallet activity. Services that alert on unusual transactions can provide early warning of compromise, potentially limiting losses before attackers drain entire wallets.
For the Industry
Strengthen the npm ecosystem. The npm registry is critical infrastructure for Web3 development, yet it lacks many security features that would prevent worm-like propagation. Mandatory code signing, reproducible builds, and anomaly detection for package updates could significantly raise the bar for attackers.
Rethink browser extension security. The current model—where extensions auto-update and have broad permissions—is fundamentally incompatible with security requirements for holding significant assets. Sandboxed execution environments, delayed updates with user review, and reduced permissions could help.
Coordinate incident response. The Shai-Hulud campaign affected hundreds of projects across the crypto ecosystem. Better information sharing and coordinated response could have limited the damage as compromised packages were identified.
The Future of Supply Chain Security in Crypto
The cryptocurrency industry has historically focused security efforts on smart contract audits, exchange cold storage, and user-facing phishing protection. The Shai-Hulud campaign demonstrates that the most dangerous attacks may come from compromised developer tooling—infrastructure that crypto users never directly interact with but that underlies every application they use.
As Web3 applications become more complex, their dependency graphs grow larger. Each npm package, each GitHub action, each CI/CD integration represents a potential attack vector. The industry's response to Shai-Hulud will determine whether this becomes a one-time wake-up call or the beginning of an era of supply chain attacks on crypto infrastructure.
For now, the attackers remain unidentified. Approximately $2.8 million of stolen Trust Wallet funds remain in attacker wallets, while the rest has been laundered through centralized exchanges and cross-chain bridges. The broader Shai-Hulud campaign's $50+ million in earlier thefts has largely disappeared into the blockchain's pseudonymous depths.
The sandworm has burrowed deep into crypto's foundations. Rooting it out will require rethinking security assumptions that the industry has taken for granted since its earliest days.
Building secure Web3 applications requires robust infrastructure. BlockEden.xyz provides enterprise-grade RPC nodes and APIs with built-in monitoring and anomaly detection, helping developers identify unusual activity before it impacts users. Explore our API marketplace to build on security-focused foundations.