Policy Event Β· High impact

TrapDoor Supply Chain Attack Targets Crypto Developer Keys And Wallets

Socket Research reported a cross-ecosystem TrapDoor campaign across npm, PyPI and Crates.io packages targeting crypto, DeFi, AI and security developers. The attack raises compliance and listing-review risk because compromised developer secrets, wallets, CI/CD credentials and cloud keys can translate into project-control and custody failures.

High impact🌐 GlobalAMLDeFiCustodySOLSUISocketnpmPyPICrates.io

APAC FINSTAB analysis

Although this is outside core APAC, it is relevant because global market-structure, enforcement, and stablecoin precedents often shape licensing expectations for APAC exchanges, issuers, custodians, and DeFi teams. Protocols/assets in scope: SOL, SUI. Named institutions or platforms: Socket, npm, PyPI, Crates.io. Teams should monitor the original source, map the change to licensing, custody, disclosure, and market-access obligations, and update their jurisdiction playbooks before the next compliance review.

Compliance read-through: map this event to entity licensing, market-access, custody, disclosure, token listing, and operational-risk obligations before expanding or marketing in the affected jurisdiction.

View related AML tracker page β†’

Related policy events

AUSTRAC Reframes AML Compliance Around Serious Crime Harm

AUSTRAC warned that money laundering hides proceeds from serious crimes and urged the public to understand the real-world harm behind illicit funds. The messaging extends Australia's AML reform narrative into customer education, risk monitoring and reporting expectations for regulated sectors including crypto-adjacent services.

Medium impactπŸ‡¦πŸ‡Ί AustraliaAMLRegulation

Binance Denies Reduced US Law Enforcement Cooperation After DOJ Memo

Binance denied reports that it would reduce U.S. law enforcement cooperation or stop courtesy freezes, saying a DOJ memo may have misread ADGM license obligations. The dispute shows how exchange asset-freeze workflows can be complicated by cross-border licensing, MLAT routing and local regulator guidance.

Medium impactπŸ‡ΊπŸ‡Έ United States🌐 AEAMLEnforcementExchangeUSDTBTC