Which versions of @whatnot-web/www-legacy are malicious?

The following npm versions of @whatnot-web/www-legacy are flagged malicious: 99.1.1, 99.1.2. Treat any of these as compromised.

How do I remediate @whatnot-web/www-legacy if I installed it?

Remove @whatnot-web/www-legacy from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound activity or persistence.

I already installed @whatnot-web/www-legacy — how do I know if it already compromised me?

If @whatnot-web/www-legacy was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is @whatnot-web/www-legacy part of a known attack campaign?

Yes — @whatnot-web/www-legacy is associated with the IN-MAL-2026-005732, IN-MAL-2026-005731, IN-MAL-2026-005734, IN-MAL-2026-005733 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find @whatnot-web/www-legacy across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for @whatnot-web/www-legacy (2 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging @whatnot-web/www-legacy across your stack and pipelines.

Malicious package

@whatnot-web/www-legacynpm

Malicious code in @whatnot-web/www-legacy (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-5622

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall @whatnot-web/www-legacy

What this malware does

@whatnot-web/[email protected] is a dependency-confusion shell targeting the Whatnot org scope. The package ships an empty library (index.js exports {}), a generic description, blank author, and an inflated version (99.1.1) — the canonical dependency-confusion shape designed to win resolution against an internal package of the same name. On npm install, postinstall.js collects os.hostname(), os.userInfo().username, process.cwd(), and a 2-level directory listing of the working directory, base64-encodes the JSON payload, and POSTs it via HTTPS to the hardcoded interactsh collector wybqtvzmfhssbvhokfgb61yfn41sqvc9c.oast.fun. A hex-encoded DNS-lookup fallback to the same host is included to defeat HTTPS egress filtering. The collected information identifies internal build hosts and source-tree layouts and is suitable for staging follow-on attacks against the targeted organization.

The OpenSSF Package Analysis project identified '@whatnot-web/www-legacy' @ 99.1.2 (npm) as malicious.

It is considered malicious because:

The package communicates with a domain associated with malicious activity.

Malicious versions

2 flagged

99.1.199.1.2

Indicators of compromise (SHA-256)

e45700e1f6645fd91fddc41fc131df1dfe2df1e3b0c049661f1185f61010fd24

21bb55bdbd36c38a976cea5f94cc8f67989823a769b8915fbe4d424e1ca3b9ae

3fe99986935f0b2d200c3192dfc07fc1b6da96c78ac8a4f0a67aa23771e82709

488b42325004726d9ffc2fd1dda185146a8cc73a8e90052b881cdbee2545e30a

a85d19d24a55723e8078d46f2cbfb3c49e1e3ef6f4f66f41f86da599d707a4e6

Detection & response playbook

Malicious package

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for @whatnot-web/www-legacy (2 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging @whatnot-web/www-legacy across your stack and pipelines.
If you installed it — respond
Remove @whatnot-web/www-legacy from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound activity or persistence.
Did it already run?
If @whatnot-web/www-legacy was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks @whatnot-web/www-legacy before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. @whatnot-web/www-legacy on npm has been identified as a malicious package (versions 99.1.1, 99.1.2 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-005732IN-MAL-2026-005731IN-MAL-2026-005734IN-MAL-2026-005733

References

Credits

Amazon Inspector · finder
OpenSSF: Package Analysis · finder

Detect & block this

O3 blocks @whatnot-web/www-legacy-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the malicious outbound activity and severs the channel.

Malware detection Runtime egress monitoring