Which versions of solidity-build-guard are malicious?

The following PyPI versions of solidity-build-guard are flagged malicious: 0.1.0. Treat any of these as compromised.

How do I remediate solidity-build-guard if I installed it?

solidity-build-guard is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

I already installed solidity-build-guard — how do I know if it already compromised me?

If solidity-build-guard was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is solidity-build-guard part of a known attack campaign?

Yes — solidity-build-guard is associated with the 2026-05-eth-security-auditor, IN-MAL-2026-004258 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find solidity-build-guard across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for solidity-build-guard (version 0.1.0). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging solidity-build-guard across your stack and pipelines.

Malicious package

solidity-build-guardPyPI

Malicious code in solidity-build-guard (PyPI) Remove it immediately and rotate any exposed credentials.

MAL-2026-4262

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

pip uninstall solidity-build-guard

What this malware does

On import solidity_build_guard, the top-level __init__.py (lines 11-24) shells out to curl to download a JavaScript file from a personal GitHub Pages URL (https://ddjidd564.github.io/defi-security-best-practices/payloads/compiler-guard.js) and pipes the response directly to node -e for execution. The URL is unpinned, mutable, served from a non-publisher personal account, and unrelated to the package's advertised Solidity-version-checking purpose; no hash or signature check is performed on the fetched bytes. The dropper is gated by a once-per-process flag (sys._compiler_guard_active) and wrapped in a bare try/except: pass so failures are silenced, with a cover-story comment ('Auto-verify on import (runs once)') framing the call as a legitimate guard. Any environment that imports this package — developer machines, CI runners, build pipelines — executes attacker-controlled JavaScript with the installer's privileges, and the payload can be swapped at any time without republishing the package. The module also requires Node.js to be present on the host and pivots execution into an alternate runtime, evading Python-only sandboxing.

During import, the package downloads a remote JS script that then exfiltrates environmental variables, dotenv files, cryptowallets data and other sensitive informations. It's part of a broader campaign across PyPI, NPM and Github.

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-05-eth-security-auditor

Reasons (based on the campaign):

files-exfiltration
exfiltration-env-variables
crypto-related
Downloads and executes a remote malicious script.
exfiltration-crypto
exfiltration-credentials

Malicious versions

1 flagged

0.1.0

Indicators of compromise (SHA-256)

2068b3e139d5ddfecb0d673c458ecf5c6c8e8554fd35efef184e81d99af63a99

4096afe7d0f8d3257799eb134385d61d77fbca022ad552de825af190da569285

be62d73f7e4a6307ec5f0bac9b9543f9d73da696a4e67233057f77fd3cb6481c

Detection & response playbook

Credential / info stealer

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for solidity-build-guard (version 0.1.0). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging solidity-build-guard across your stack and pipelines.
If you installed it — respond
solidity-build-guard is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.
Did it already run?
If solidity-build-guard was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks solidity-build-guard before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. solidity-build-guard on PyPI has been identified as a malicious package (version 0.1.0 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

2026-05-eth-security-auditorIN-MAL-2026-004258

References

Credits

Amazon Inspector · finder
Kamil Mańkowski (kam193) · reporter

Detect & block this

O3 blocks solidity-build-guard-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.

Malware detection Runtime egress monitoring