{"id":"MAL-2026-10028","summary":"Malicious code in @wagni_bot/metemask-sdk (npm)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (cb3278c8cf58eb66a4a0b385f9e36f59b1ad9bca93baf2c6de84e40d550d73ba)\n`@wagni_bot/metemask-sdk` is a single-character typosquat of the legitimate `metamask-sdk` package (\"metemask\" vs \"metamask\"). `index.js` is an empty stub (`module.exports = {}`); the package has no functional library code. Its sole effect is a `postinstall` hook (`postinstall.js`) that runs at `npm install` time and performs credential theft against the installer:\n\n- Recursively walks `process.cwd()`, `os.homedir()`, and `~/.ssh`, reading files whose names match `.env`, `.cred`, `.pem`, `.key`, `mnemonic`, `seed`, `wallet`, `secret`, `id_rsa`, `id_ed25519`. This captures SSH private keys, crypto-wallet seed phrases/keystores, and dotenv secrets.\n- Enumerates `process.env` and filters keys containing `PRIVATE`, `SECRET`, `TOKEN`, `API_KEY`, `PASSWORD`, `MNEMONIC`, `SEED`, `WALLET`, `AWS`, capturing their values.\n- Collects host identifiers via `os.hostname()`, `os.userInfo()`, platform, and cwd.\n- POSTs the harvested content (chunked) to `https://api.telegram.org/bot\u003chardcoded-token\u003e/sendMessage` targeting attacker chat_id `892359416`.\n\nThis satisfies the attacker-benefit gate (bulk exfiltration of installer-owned SSH keys, wallet seeds, and credential env vars to an attacker-controlled Telegram channel) and auto-executes on default `npm install` via the `postinstall` lifecycle. The typosquat name targets developers intending to install MetaMask's SDK.\n","modified":"2026-07-09T16:31:50.365167217Z","published":"2026-07-09T15:14:53Z","database_specific":{"malicious-packages-origins":[{"versions":["1.1.5"],"sha256":"0970ff01982fabbf6fe10079a50e89ec0847d3edad5f643b17dbecd70321ae10","import_time":"2026-07-09T16:20:38.872477506Z","source":"amazon-inspector","id":"IN-MAL-2026-009078","modified_time":"2026-07-09T15:24:51Z"},{"versions":["1.1.1"],"sha256":"c734022f34f31176059d3fc16b4750750d6b5f1dbef1662bbd151d29c38d657c","import_time":"2026-07-09T16:20:35.228102701Z","source":"amazon-inspector","id":"IN-MAL-2026-009039","modified_time":"2026-07-09T15:18:36Z"},{"versions":["1.0.0"],"sha256":"cb3278c8cf58eb66a4a0b385f9e36f59b1ad9bca93baf2c6de84e40d550d73ba","import_time":"2026-07-09T16:20:33.409512406Z","source":"amazon-inspector","id":"IN-MAL-2026-009024","modified_time":"2026-07-09T15:16:12Z"},{"versions":["1.2.0"],"sha256":"f02eb354580eaed07d89cb6015f54f3e97d47891a69f8e420bbd42203e4ea3c3","import_time":"2026-07-09T16:20:32.881751701Z","source":"amazon-inspector","id":"IN-MAL-2026-009016","modified_time":"2026-07-09T15:14:53Z"},{"versions":["1.1.4"],"sha256":"2f1619378d1a86aeccaa082b41b58319d72fae1a8dea02d8f5ba60e1284338c2","import_time":"2026-07-09T16:20:36.688386301Z","source":"amazon-inspector","id":"IN-MAL-2026-009053","modified_time":"2026-07-09T15:20:49Z"},{"versions":["1.1.3"],"sha256":"6772612dd322662e3f6daab985ad1378d380dc8d0e59e10406ebab4de146aa1d","source":"amazon-inspector","import_time":"2026-07-09T16:20:34.07294792Z","id":"IN-MAL-2026-009033","modified_time":"2026-07-09T15:17:39Z"},{"versions":["1.1.0"],"sha256":"b33bbb63be9b14ef0ee3f0041fc8225e2d272c24a1651ffa1b27a8f4876e1975","import_time":"2026-07-09T16:20:38.027527392Z","source":"amazon-inspector","id":"IN-MAL-2026-009069","modified_time":"2026-07-09T15:23:25Z"}]},"references":[{"type":"PACKAGE","url":"https://www.npmjs.com/package/@wagni_bot/metemask-sdk/v/1.1.5"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/@wagni_bot/metemask-sdk/v/1.1.1"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/@wagni_bot/metemask-sdk/v/1.0.0"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/@wagni_bot/metemask-sdk/v/1.2.0"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/@wagni_bot/metemask-sdk/v/1.1.4"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/@wagni_bot/metemask-sdk/v/1.1.3"},{"type":"PACKAGE","url":"https://www.npmjs.com/package/@wagni_bot/metemask-sdk/v/1.1.0"}],"affected":[{"package":{"name":"@wagni_bot/metemask-sdk","ecosystem":"npm","purl":"pkg:npm/%40wagni_bot/metemask-sdk"},"versions":["1.1.5","1.1.1","1.0.0","1.2.0","1.1.4","1.1.3","1.1.0"],"database_specific":{"indicators":{"evidence_files":[{"tlsh":"5c8155c4b1fa520958a341eefa5b220210717d573848e4a9fedc9f456f56240af53bfc","path":"postinstall.js","sha256":"3d8a59e627a451040c959870dace8fb417d1f9c55c6e2d2190637289212f8b3f"}],"package_integrity":[{"hashes":{"sha1":"3200bd5a61c869dc3e1d28f4b807f7e91941d93f","sha512_sri":"sha512-zmzp/T7cTFk75etUN4mNQqhIfjmyN1/dKQtmsRAaCPfhMpZtfYWx/8h20k04CO9d1z8KEAI9deylC8WgJL8wEQ=="},"filename":"metemask-sdk-1.1.5.tgz"}]},"cwes":[{"description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code","cweId":"CWE-506"},{"description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code","cweId":"CWE-506"},{"description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code","cweId":"CWE-506"},{"description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code","cweId":"CWE-506"},{"description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code","cweId":"CWE-506"},{"description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code","cweId":"CWE-506"},{"description":"The product contains code that appears to be malicious in nature.","name":"Embedded Malicious Code","cweId":"CWE-506"}],"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/@wagni_bot/metemask-sdk/MAL-2026-10028.json"}}],"schema_version":"1.7.5","credits":[{"name":"Amazon Inspector","contact":["inspector-research@amazon.com"],"type":"FINDER"}]}