Malicious package

twilio-sdk (npm)

Malicious code in twilio-sdk (npm) Remove it immediately and rotate any exposed credentials.

MAL-2026-5621
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
npm uninstall twilio-sdk

What this malware does

The package twilio-sdk impersonates the official Twilio Node SDK (twilio) but ships an empty API (module.exports = {}). The only real behavior runs in postinstall.js, declared in package.json as "postinstall": "node ./postinstall.js".

On npm install, postinstall.js collects the installer's hostname, DNS-resolved FQDN, Active Directory domain (USERDNSDOMAIN), current working directory, Node version, CI flag, and CI/SCM identifiers (GITHUB_REPOSITORY, CIRCLE_*, CI_PROJECT_PATH, BITBUCKET_REPO_FULL_NAME, BUILD_REPOSITORY_URI, TRAVIS_REPO_SLUG, JENKINS_URL, CI_SERVER_URL), as well as the configured internal npm registry (npm_config_registry), and sends them as query parameters in a plaintext HTTP GET to http://46.224.67.169:3000/ping.

The combination of a name-squat against a top-tier SDK, a divergent (empty) API, and an unconsented install-time beacon to a hardcoded bare IP is install-time reconnaissance for downstream targeting (dependency confusion against the leaked internal registry, lateral movement using the leaked AD domain and internal CI URLs). The package's own README labeling it a 'security research honeypot' does not change the installer-side impact: any developer who mistypes twilio and installs this package leaks internal infrastructure identifiers to a third-party IP.
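As an added example (not part of this advisory or of O3 Security's tooling), the following Python audit walks an installed node_modules tree and flags both the versions listed here and any package that declares an install-time lifecycle script, the hook postinstall.js relies on. The manifest it scans in demo() is constructed to mirror the description above; the FLAGGED map and hook names are the only page-derived values.

```python
# Audits a node_modules tree for flagged twilio-sdk versions and any install-time lifecycle scripts.
import json
import os
import tempfile

# Versions flagged in MAL-2026-5621; extend this map with other advisories.
FLAGGED = {"twilio-sdk": {"0.1.0", "0.1.1", "0.1.2", "0.1.3",
                          "0.2.0", "0.2.1", "0.2.2", "0.2.3", "0.2.4"}}
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall")


def audit_package(pkg: dict) -> list[str]:
    """Return the reasons one package.json warrants review (empty list if none)."""
    name, version = pkg.get("name", ""), pkg.get("version", "")
    reasons = []
    if version in FLAGGED.get(name, ()):
        reasons.append(f"known-malicious {name}@{version}")
    scripts = pkg.get("scripts") or {}
    for hook in LIFECYCLE_HOOKS:
        if hook in scripts:  # any install-time script deserves a look, not just this one
            reasons.append(f"install-time script {hook}: {scripts[hook]}")
    return reasons


def scan_node_modules(root: str) -> dict[str, list[str]]:
    """Walk node_modules (scoped and nested packages included) and collect findings."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        if "package.json" not in files:
            continue
        path = os.path.join(dirpath, "package.json")
        try:
            with open(path, encoding="utf-8") as fh:
                pkg = json.load(fh)
        except (OSError, ValueError):
            continue  # unreadable or invalid manifest: skip it, do not abort the audit
        reasons = audit_package(pkg)
        if reasons:
            findings[os.path.relpath(path, root)] = reasons
    return findings


def demo() -> dict[str, list[str]]:
    """Audit a constructed node_modules tree holding a copy of the squat's manifest."""
    root = tempfile.mkdtemp()
    squat = {"name": "twilio-sdk", "version": "0.2.4", "main": "index.js",
             "scripts": {"postinstall": "node ./postinstall.js"}}  # constructed sample
    pkg_dir = os.path.join(root, "node_modules", "twilio-sdk")
    os.makedirs(pkg_dir)
    with open(os.path.join(pkg_dir, "package.json"), "w", encoding="utf-8") as fh:
        json.dump(squat, fh)
    return scan_node_modules(os.path.join(root, "node_modules"))
```

Run `scan_node_modules("node_modules")` inside a checkout to audit it. Independently of the scan, setting `ignore-scripts=true` in .npmrc stops lifecycle scripts such as this package's postinstall from executing at install time.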

Malicious versions

9 flagged
0.1.0, 0.1.1, 0.1.2, 0.1.3, 0.2.0, 0.2.1, 0.2.2, 0.2.3, 0.2.4

Indicators of compromise (SHA-256)

Frequently asked questions

No. twilio-sdk on npm has been identified as a malicious package (versions 0.1.0, 0.1.1, 0.1.2, 0.1.3, 0.2.0, 0.2.1, 0.2.2, 0.2.3, and 1 more flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-005616, IN-MAL-2026-005614, IN-MAL-2026-005610, IN-MAL-2026-005611, IN-MAL-2026-005613, IN-MAL-2026-005609, IN-MAL-2026-005615, IN-MAL-2026-005608, IN-MAL-2026-005612

Credits

  • Amazon Inspector · finder

twilio-sdk (npm) malicious package — MAL-2026-5621 | O3 Security