Which versions of @whatnot-web/www-legacy are malicious?

The following npm versions of @whatnot-web/www-legacy are flagged malicious: 99.1.1, 99.1.2. Treat any of these as compromised.

How do I remediate @whatnot-web/www-legacy if I installed it?

Remove @whatnot-web/www-legacy from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound network activity or persistence. Use O3 Security's dependency scanner to confirm the package and its artifacts are fully purged across your stack.

Is @whatnot-web/www-legacy part of a known attack campaign?

Yes — @whatnot-web/www-legacy is associated with the IN-MAL-2026-005732, IN-MAL-2026-005731, IN-MAL-2026-005734, IN-MAL-2026-005733 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

Can O3 Security detect @whatnot-web/www-legacy in my codebase?

Yes. O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, blocking @whatnot-web/www-legacy and packages like it before any post-install script runs.

Malicious package

@whatnot-web/www-legacynpm

Malicious code in @whatnot-web/www-legacy (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-5622

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall @whatnot-web/www-legacy

What this malware does

@whatnot-web/[email protected] is a dependency-confusion shell targeting the Whatnot org scope. The package ships an empty library (index.js exports {}), a generic description, blank author, and an inflated version (99.1.1) — the canonical dependency-confusion shape designed to win resolution against an internal package of the same name. On npm install, postinstall.js collects os.hostname(), os.userInfo().username, process.cwd(), and a 2-level directory listing of the working directory, base64-encodes the JSON payload, and POSTs it via HTTPS to the hardcoded interactsh collector wybqtvzmfhssbvhokfgb61yfn41sqvc9c.oast.fun. A hex-encoded DNS-lookup fallback to the same host is included to defeat HTTPS egress filtering. The collected information identifies internal build hosts and source-tree layouts and is suitable for staging follow-on attacks against the targeted organization.

The OpenSSF Package Analysis project identified '@whatnot-web/www-legacy' @ 99.1.2 (npm) as malicious.

It is considered malicious because:

The package communicates with a domain associated with malicious activity.

Malicious versions

2 flagged

99.1.199.1.2

Indicators of compromise (SHA-256)

e45700e1f6645fd91fddc41fc131df1dfe2df1e3b0c049661f1185f61010fd24

21bb55bdbd36c38a976cea5f94cc8f67989823a769b8915fbe4d424e1ca3b9ae

3fe99986935f0b2d200c3192dfc07fc1b6da96c78ac8a4f0a67aa23771e82709

488b42325004726d9ffc2fd1dda185146a8cc73a8e90052b881cdbee2545e30a

a85d19d24a55723e8078d46f2cbfb3c49e1e3ef6f4f66f41f86da599d707a4e6

Frequently asked questions

No. @whatnot-web/www-legacy on npm has been identified as a malicious package (versions 99.1.1, 99.1.2 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-005732IN-MAL-2026-005731IN-MAL-2026-005734IN-MAL-2026-005733

References

Credits

Amazon Inspector · finder
OpenSSF: Package Analysis · finder

Scan your dependencies

O3 Security blocks malicious packages like this at install time and in CI.

Supply-chain protection