VDB
EN

MAL-2026-5352

Malicious code in blockchain-helper-0 (npm)

상세

**Note:** *This report is updated by a verification record*

Crypto/SSH/wallet stealer (self-labeled "CRYPTO STEALER"). postinstall scripts/postinstall.js auto-execs, src/index.js harvests ~/.ssh/id_rsa + wallet keys/seeds + env and exfils to hardcoded Telegram bot 8227918239:AAGEMDrBZluDsBBYPxfSyMuv2l3FY8cZCcs chat 6433587894. Auto-exec + hardcoded attacker Telegram exfil; "blockchain-helper" identity has no reason to read SSH/wallet keys.

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (8b9fac34e13ad38cb702f7aad434d18aa276005fe5fa4cbe48c7eb65af26623d) The package was found to contain malicious code or consuming dependency that contains malicious code

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

npm / blockchain-helper-0
최초 영향 버전: 0

No fixed version published yet for blockchain-helper-0 (npm). Pin to a known-safe version or switch to an alternative.

참고