Malicious code in bandkit (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-4496
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
npm uninstall bandkit

What this malware does

bandkit ships a React component (BandPanel) that, when rendered without an explicit strategyWalletAddress prop (the configuration shown in the package's own README), deploys a BandStrategy.sol contract whose immutable strategyWallet is taken from dist/defaultStrategyWallet.js. That file stores a 20-byte Ethereum address as cipher XOR key, with cipher and key kept as two Uint8Array literals in the same file; XORing them yields 0xe9e41c03d5b0b6fb543f4cd1cd8ad81ece4c830f. dist/useStrategyContractDeployment.js wires this in via args: [options.strategyWalletAddress ?? getDefaultStrategyWallet()], so the hidden address is used whenever the prop is omitted.

When an end user of the installer's UI clicks 'Start Bot', BandStrategy.activateStrategyEngine() executes (bool ok, ) = strategyWallet.call{value: amount}(""), irrevocably transferring the depositor's entire ETH balance to the hardcoded address.

The defaultStrategyWallet.js file even carries a header comment describing the XOR layer as 'cosmetic obfuscation... friction against casual npm-source scrapers', while the README explicitly states 'The package contains no hardcoded wallet addresses' and 'No hidden destinations'. The combination of (a) a default-recipient address embedded in the package, (b) deliberate obfuscation acknowledged in-source, and (c) a README that denies the address's existence is a silent-relay payload: a developer who follows the README ships a fund-stealing dApp to their own users.

Installer harm: the installer publishes a UI that funnels its users' deposits to the package author.
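The following is an added triage example, not code from the bandkit package or from O3 Security. It does two things a practitioner would want after reading the description above: it checks a parsed package-lock.json for the flagged bandkit versions, and it statically extracts every Uint8Array literal from a JS source string, XORs each pair of 20-byte arrays, and reports any resulting address, so the "cosmetic obfuscation" layer can be undone without executing the untrusted file. The sample source it decodes is constructed here (the known sink address XORed with an invented key) and does not reproduce the package's real literals; the function names are this example's own.

```javascript
// Added example: triage helpers for the silent-relay pattern described above.
// NOT code from the bandkit package or from O3 Security. The sample source
// built by buildSampleSource() is constructed for this example only.

const FLAGGED_VERSIONS = new Set(['1.0.7', '1.0.9', '1.0.10', '1.0.11', '1.0.14', '1.0.16']);
// Address the advisory reports as the hardcoded default strategyWallet.
const KNOWN_SINK = '0xe9e41c03d5b0b6fb543f4cd1cd8ad81ece4c830f';

function isFlaggedVersion(version) {
  return FLAGGED_VERSIONS.has(version);
}

// Walk a parsed package-lock.json (lockfileVersion 2/3 "packages" map) and
// return every bandkit entry, including nested copies, on the flagged list.
function findFlaggedInLockfile(lock) {
  const hits = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (!/(^|\/)node_modules\/bandkit$/.test(path)) continue;
    if (entry && isFlaggedVersion(entry.version)) hits.push({ path, version: entry.version });
  }
  return hits;
}

function hexToBytes(hex) {
  const out = new Uint8Array(hex.length / 2);
  for (let i = 0; i < out.length; i++) out[i] = parseInt(hex.substr(i * 2, 2), 16);
  return out;
}

function bytesToHex(bytes) {
  return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
}

// Pull every `new Uint8Array([...])` literal out of a JS source string.
// Extraction is purely textual on purpose: the file is untrusted, never eval it.
function extractUint8ArrayLiterals(source) {
  const re = /new\s+Uint8Array\s*\(\s*\[([^\]]*)\]\s*\)/g;
  const literals = [];
  let m;
  while ((m = re.exec(source)) !== null) {
    const bytes = m[1].split(',').map((s) => s.trim()).filter(Boolean).map(Number);
    if (bytes.length && bytes.every((b) => Number.isInteger(b) && b >= 0 && b <= 255)) {
      literals.push(Uint8Array.from(bytes));
    }
  }
  return literals;
}

// XOR every pair of 20-byte literals; each result is a candidate EVM address.
// A configuration file has no honest reason to carry two such arrays together.
function decodeXorAddressPairs(source) {
  const lits = extractUint8ArrayLiterals(source).filter((a) => a.length === 20);
  const found = [];
  for (let i = 0; i < lits.length; i++) {
    for (let j = i + 1; j < lits.length; j++) {
      const xored = lits[i].map((v, k) => v ^ lits[j][k]);
      found.push('0x' + bytesToHex(xored));
    }
  }
  return found;
}

// Combine both checks for one installed copy of the package.
function triage(version, defaultWalletSource) {
  const hiddenAddresses = decodeXorAddressPairs(defaultWalletSource);
  return {
    flaggedVersion: isFlaggedVersion(version),
    hiddenAddresses,
    matchesKnownSink: hiddenAddresses.includes(KNOWN_SINK),
  };
}

// CONSTRUCTED stand-in for dist/defaultStrategyWallet.js: the known sink
// address XORed with an invented key, laid out as the advisory describes
// (cipher and key as two Uint8Array literals in one file).
function buildSampleSource() {
  const key = Uint8Array.from({ length: 20 }, (_, i) => (i * 37 + 11) & 0xff);
  const cipher = hexToBytes(KNOWN_SINK.slice(2)).map((b, i) => b ^ key[i]);
  return [
    '// cosmetic obfuscation layer (constructed sample, not the real file)',
    'const cipher = new Uint8Array([' + Array.from(cipher).join(', ') + ']);',
    'const key = new Uint8Array([' + Array.from(key).join(', ') + ']);',
    'export function getDefaultStrategyWallet() { /* decodes cipher ^ key */ }',
  ].join('\n');
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(JSON.stringify(triage('1.0.11', buildSampleSource()), null, 2));
}
```

To run it against a real install, read node_modules/bandkit/dist/defaultStrategyWallet.js with fs.readFileSync and pass the text to triage() together with the version from node_modules/bandkit/package.json; the decoder only pattern-matches the literals, so it is safe to point at the malicious file itself.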

Malicious versions

6 flagged
1.0.7, 1.0.9, 1.0.10, 1.0.11, 1.0.14, 1.0.16

Indicators of compromise (SHA-256)

328d601aed275e0122f2d0be8b7c5b76b920aa0af6aa57e7bd64ab540a0c0db3
f17eed05248e00e40ac995b4a723da03f1e854a1445b2d99c6a52507511d3795
6d7546959efc9cf15944286e0fe5cce44965113def72bea55866d8a130937f89
f1341a067075e690ff81c24889d925809a5c29a1a402ebfadaaf8b5f36331c9f
c2586b0e7114265fe8e85fee87db4b264f1dce9a574916b333af41870369e44a
8d03553469ab55441dd89101f56b8872adee9194c6390b76e77f58b662de46dc
018a4cd7e1cf6b632a8d58acdbfc15f48dffb0428a71638b2d040152260e13cf
c12036b3e8a5f609179a8f9a6109178d5cd21a40493140d54324c5e499912c07
687dcebaf30461a2325de226851b84abfb6db6359a12c9392ece9c5ff02a620d
ea0489597e99751b2d16ab93eb3f71a05c62b282f723c27aa2043808f7b99464

Frequently asked questions

Is bandkit safe to use?

No. bandkit on npm has been identified as a malicious package (versions 1.0.7, 1.0.9, 1.0.10, 1.0.11, 1.0.14, 1.0.16 flagged). It should be removed immediately; do not install it or keep it in your dependency tree.

Campaign

IN-MAL-2026-004795, IN-MAL-2026-004800, IN-MAL-2026-004799, IN-MAL-2026-004794, IN-MAL-2026-004902, IN-MAL-2026-004903, IN-MAL-2026-004918, IN-MAL-2026-004917, IN-MAL-2026-006205, IN-MAL-2026-006204

Credits

  • Amazon Inspector · finder

bandkit (npm) malicious package — MAL-2026-4496 | O3 Security