Your RSA-2048 keys break in 2030. Find every one of them before attackers do.
Malicious package

@wagni_bot/opensea-sdknpm

Malicious code in @wagni_bot/opensea-sdk (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-10030
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
npm uninstall @wagni_bot/opensea-sdk

What this malware does

Package impersonates the OpenSea SDK namespace (name @wagni_bot/opensea-sdk, description "Unofficial opensea-sdk SDK") but ships no SDK functionality — its purpose is the postinstall.js dropper that runs automatically on npm install. postinstall.js walks the installer's home directory and crypto-wallet paths (.ethereum,.solana,.bitcoin, Library/Ethereum) for files matching wallet/keystore/seed/mnemonic/private/pem/id_rsa patterns; greps file contents for Ethereum/Bitcoin private-key and BIP39 seed-phrase shapes; reads every file under ~/.ssh (excluding known_hosts and *.pub); and filters process.env for names containing PRIVATE, SECRET, TOKEN, KEY, PASSWORD, MNEMONIC, SEED, WALLET, or AWS. Each hit is POSTed together with os.hostname(), os.userInfo().username, and process.cwd() (plus up to 10KB of matched file content) via plain HTTP to the hardcoded bare-IP endpoint http://107.161.90.180:7777. Installing this package on a developer machine hands over SSH private keys, crypto wallet keystores/seed phrases, and secret environment variables to the operator of that endpoint.

Malicious versions

7 flagged
1.0.01.1.01.1.11.1.31.1.41.1.51.2.0

Indicators of compromise (SHA-256)

180731324517ae6b27ea40b119dba8f0ab1080a6662ea947f86e8c0de545b0cd
d56bf145287b480a0577ea59eeb574bb06e0d02b9b0edff8455e1ff80da1832f
fdf4e3b5fbb9ee046aa4d5448d1e218334d9ac301520bb1a476b66da5ab5ffea
2b7cba911e938df1773eac5fb6c8d1ddd516b240d3fd15bb76669be864f3c11f
2bb17ee14bcebc28314402ab5abb1f23fd63161c49ad9f5240ac6b12885adff7
33f13d814ee8aed088dc7fef1737db9d9946d49b043aa95e9ed1f9bd3a10ddaa
4567a95fc8efe5311a2394bcc04b64aba72ca8ce846790fc5d37b56f39847162

Detection & response playbook

Credential / info stealer
  1. Find it

    Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for @wagni_bot/opensea-sdk (7 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging @wagni_bot/opensea-sdk across your stack and pipelines.

  2. If you installed it — respond

    @wagni_bot/opensea-sdk is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

  3. Did it already run?

    If @wagni_bot/opensea-sdk was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

  4. How O3 protects you

    O3 blocks @wagni_bot/opensea-sdk before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. @wagni_bot/opensea-sdk on npm has been identified as a malicious package (versions 1.0.0, 1.1.0, 1.1.1, 1.1.3, 1.1.4, 1.1.5, 1.2.0 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-009057IN-MAL-2026-009080IN-MAL-2026-009067IN-MAL-2026-009060IN-MAL-2026-009054IN-MAL-2026-009028IN-MAL-2026-009073

References

Credits

  • Amazon Inspector · finder

Detect & block this

O3 blocks @wagni_bot/opensea-sdk-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.

@wagni_bot/opensea-sdk (npm) malicious package — MAL-2026-10030 | O3 Security