OSV Malicious Advisory
scanned 1h ago · by OpenSSF/OSVOpenSSF/OSV advisory MAL-2026-10028 confirms this npm version as malicious. `@wagni_bot/metemask-sdk` is a single-character typosquat of the legitimate `metamask-sdk` package ("metemask" vs "metamask"). `index.js` is an empty stub (`module.exports = {}`); the package has no functional library code. Its sole effect is a `postinstall` hook (`postinstall.js`) that runs at `npm install` time and performs credential theft against the installer:
Advisory
MAL-2026-10028
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in @wagni_bot/metemask-sdk (npm)
Details
`@wagni_bot/metemask-sdk` is a single-character typosquat of the legitimate `metamask-sdk` package ("metemask" vs "metamask"). `index.js` is an empty stub (`module.exports = {}`); the package has no functional library code. Its sole effect is a `postinstall` hook (`postinstall.js`) that runs at `npm install` time and performs credential theft against the installer:
- Recursively walks `process.cwd()`, `os.homedir()`, and `~/.ssh`, reading files whose names match `.env`, `.cred`, `.pem`, `.key`, `mnemonic`, `seed`, `wallet`, `secret`, `id_rsa`, `id_ed25519`. This captures SSH private keys, crypto-wallet seed phrases/keystores, and dotenv secrets. - Enumerates `process.env` and filters keys containing `PRIVATE`, `SECRET`, `TOKEN`, `API_KEY`, `PASSWORD`, `MNEMONIC`, `SEED`, `WALLET`, `AWS`, capturing their values. - Collects host identifiers via `os.hostname()`, `os.userInfo()`, platform, and cwd. - POSTs the harvested content (chunked) to `https://api.telegram.org/bot<hardcoded-token>/sendMessage` targeting attacker chat_id `892359416`.
This satisfies the attacker-benefit gate (bulk exfiltration of installer-owned SSH keys, wallet seeds, and credential env vars to an attacker-controlled Telegram channel) and auto-executes on default `npm install` via the `postinstall` lifecycle. The typosquat name targets developers intending to install MetaMask's SDK.
Decision reason
OpenSSF Malicious Packages via OSV confirms @wagni_bot/metemask-sdk@1.1.0 as malicious (MAL-2026-10028): Malicious code in @wagni_bot/metemask-sdk (npm)
Source & flagged code
0 flaggedNo flagged code excerpts are attached to this scan.
Findings
1 High
HighOsv Malicious Advisory