Malicious package

sendgrid-sdk (npm)

Malicious code in sendgrid-sdk (npm). Remove it immediately and rotate any exposed credentials.

MAL-2026-5572
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
npm uninstall sendgrid-sdk

What this malware does

Package impersonates the official SendGrid npm packages (@sendgrid/*) but ships no SDK functionality — index.js exports an empty object. Its sole purpose is a postinstall recon beacon. On npm install, postinstall.js collects extensive installer-side identifiers — hostname, reverse-DNS FQDN, OS user, USERPROFILE, Active Directory domain (USERDNSDOMAIN, USERDOMAIN, LOGONSERVER), proxy/VPN/ZScaler environment signals, OneDrive corporate flag, install working directory, and CI repository identifiers (GitHub/GitLab/CircleCI/Travis/Bitbucket/Azure/Jenkins URLs and npm registry) — and transmits them via plain HTTP GET to http://46.224.67.169:3000/ping with each field as a query parameter (pkg, addomain, fullpath, etc.). The combination of name impersonation, empty SDK surface, and unsolicited fingerprinting of corporate AD/CI environments to a bare-IP HTTP endpoint is recon staging for follow-on supply-chain or phishing attacks. README framing this as a "honeypot" does not constitute installer consent — the package is published to the public npm registry where any developer mistyping the SendGrid name will trigger the beacon.

Malicious versions

9 flagged: 0.1.0, 0.1.1, 0.1.2, 0.1.3, 0.2.0, 0.2.1, 0.2.2, 0.2.3, 0.2.4

Indicators of compromise (SHA-256)

Frequently asked questions

No. sendgrid-sdk on npm has been identified as a malicious package (versions 0.1.0, 0.1.1, 0.1.2, 0.1.3, 0.2.0, 0.2.1, 0.2.2, 0.2.3, and 1 more flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-005551, IN-MAL-2026-005619, IN-MAL-2026-005621, IN-MAL-2026-005620, IN-MAL-2026-005624, IN-MAL-2026-005622, IN-MAL-2026-005626, IN-MAL-2026-005623, IN-MAL-2026-005625

Credits

  • Amazon Inspector · finder

sendgrid-sdk (npm) malicious package — MAL-2026-5572 | O3 Security