Which versions of @solana-labs/ancor are malicious?

The following npm versions of @solana-labs/ancor are flagged malicious: 1.0.0, 1.0.1, 1.0.7, 1.0.8, 1.0.9, 1.0.11. Treat any of these as compromised.

How do I remediate @solana-labs/ancor if I installed it?

Remove @solana-labs/ancor from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound network activity or persistence. Use O3 Security's dependency scanner to confirm the package and its artifacts are fully purged across your stack.

Can O3 Security detect @solana-labs/ancor in my codebase?

Yes. O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, blocking @solana-labs/ancor and packages like it before any post-install script runs.

Malicious package

@solana-labs/ancornpm

Malicious code in @solana-labs/ancor (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-5786

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall @solana-labs/ancor

What this malware does

Package name @solana-labs/ancor is a one-character typosquat of the legitimate @coral-xyz/anchor / @project-serum/anchor Solana framework, published under the @solana-labs scope to impersonate official Solana Labs tooling. package.json declares "postinstall": "node install.js", which fires automatically on npm install. install.js reads host identifiers via os.hostname() and process.platform, invokes child_process.execSync, issues outbound HTTP/HTTPS traffic (including a POST at line 113 and a curl shell-out at line 173), and references https://api.mainnet-beta.solana.com as cover traffic. The combination of (a) impersonating-scope name targeting a top-tier ecosystem package, (b) a postinstall lifecycle hook executing a script that reads host identity and shells out to network primitives, and (c) execSync of arbitrary commands during install constitutes an install-time host reconnaissance / command-execution payload against any developer or build system that installs this package.

Malicious versions

6 flagged

1.0.01.0.11.0.71.0.81.0.91.0.11

Indicators of compromise (SHA-256)

06e80dfe88b6d601c9312c9fc13275b703e5d05311232a3f1fa01b1c0a1f041b

4341f9b2c0176d9259176539e69a12bec21bd872733a220066f2af7e8c852012

a2dc1225b1e56ff04b029102d142b130bf7d9f65e2458034cd7ef630dcdaf5eb

e5786abeec93a264217ec9d4ca101ba0f491867bacf387dfd15e891fde36b634

0e572d1a61685cd04ccafca460d47a230f0306cca7692e3c1008f2b296592b22

3b513d317445b8431eda1751d82e7f50d2d7ef311a9891a7aa9a2fab706236c5

3c3f14460d22b93718d3fdf4337cc9b5f3a2526e4cb265a906a9c24d87671f98

42c4ffd55383e8703ce8de56e582e1e0eaa2b57d522edb4b4356febd4134e6a5

4d59b87155558b811b79a7d671f6dcd66bee47adff3a7022ab22d73f18d86369

5feff6d83078f902bd5e7eaa2dd81f78c95289d86ccfcde5f30325c7609278a7

8e001b6b18e1b0a1841b10d5e41b1403383d65f61e56f5363efcfc4102162892

c2e55c8cd359b7c45614d01f3d8f02bd9f27a9322c52decf65b1524500a0a396

Frequently asked questions

No. @solana-labs/ancor on npm has been identified as a malicious package (versions 1.0.0, 1.0.1, 1.0.7, 1.0.8, 1.0.9, 1.0.11 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-006600IN-MAL-2026-006599IN-MAL-2026-006597IN-MAL-2026-006592IN-MAL-2026-006598IN-MAL-2026-006590IN-MAL-2026-006589IN-MAL-2026-006593IN-MAL-2026-006591IN-MAL-2026-006594IN-MAL-2026-006595IN-MAL-2026-006596

References

Credits

Amazon Inspector · finder

Scan your dependencies

O3 Security blocks malicious packages like this at install time and in CI.

Supply-chain protection