Which versions of flowcardano are malicious?

The following npm versions of flowcardano are flagged malicious: 9.9.9. Treat any of these as compromised.

How do I remediate flowcardano if I installed it?

Remove flowcardano from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound network activity or persistence. Use O3 Security's dependency scanner to confirm the package and its artifacts are fully purged across your stack.

Is flowcardano part of a known attack campaign?

Yes — flowcardano is associated with the IN-MAL-2026-006601, IN-MAL-2026-006602 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

Can O3 Security detect flowcardano in my codebase?

Yes. O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, blocking flowcardano and packages like it before any post-install script runs.

Malicious package

flowcardanonpm

Malicious code in flowcardano (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-5805

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

npm uninstall flowcardano

What this malware does

On npm install, package.json's preinstall hook runs node index.js, which collects host identity (os.hostname(), os.userInfo().username, cwd) and scrapes process.env for any key matching the regex key|seed|secret|token|private|mnemonic|password|blockfrost|redis|telegram|batcher, then POSTs the resulting JSON to https://2.25.140.71:8443/surflending/npm-confusion (index.js lines 13-17). The destination is a bare IP rather than any publisher- or vendor-owned host, and the request path (/surflending/npm-confusion) self-describes the intent as a dependency-confusion exfiltration channel. The package name flowcardano impersonates Cardano-ecosystem tooling and is published at version 9.9.9, the canonical dependency-confusion bait version chosen to outrank legitimate internal packages in resolver order. Any developer or CI agent that installs this package leaks credential-shaped environment variables (wallet seeds/mnemonics, private keys, Blockfrost / Telegram / Redis tokens, generic API tokens and passwords) along with host identifiers to the attacker.

Malicious versions

1 flagged

9.9.9

Indicators of compromise (SHA-256)

21379b9b1e9f6a64a18a806531d9f1bb22394694b092eb2b26b6b4d356bd5a4a

649a634e3752b14f92fe6c92e11681dc8d16ba04019196b1c10cdf5968d74607

Frequently asked questions

No. flowcardano on npm has been identified as a malicious package (version 9.9.9 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-006601IN-MAL-2026-006602

References

npmjs.com

Credits

Amazon Inspector · finder

Scan your dependencies

O3 Security blocks malicious packages like this at install time and in CI.

Supply-chain protection