Supply Chain Alert: Malicious NuGet Package Weaponizes Sentry for Banking Credential Exfiltration

A sophisticated software supply chain attack has been identified targeting the .NET ecosystem. A fraudulent NuGet package, masquerading as an official Software Development Kit (SDK) for the Brazilian financial institution Sicoob, was discovered exfiltrating highly sensitive authentication credentials. This incident highlights a tactical shift toward abusing legitimate developer tools to bypass traditional network security monitoring.

Security researchers at Socket uncovered the campaign, noting that the package—published under the name “Sicoob.Sdk”—was specifically engineered to intercept the credentials required for integrating with Sicoob’s banking APIs.

Technical Breakdown: The Mechanics of the Compromise

The malicious actor uploaded several iterations of the package (versions 2.0.0 through 2.0.4) to the NuGet repository in early May 2026. To gain developer trust, the package advertised robust support for .NET 8 and standard secure communication protocols, such as mutual TLS (mTLS) authentication.

The exploitation occurs during the standard SDK initialization phase. In a typical implementation, a developer would instantiate a client by providing a Client ID, a path to a PFX certificate, and the associated file password. The malicious code hooks into this routine, performing the following steps:

  • File Access: The package reads the PFX certificate directly from the local file system.
  • Data Encoding: The certificate is converted into a Base64 string to facilitate easy transport.
  • Exfiltration via Legitimate Channels: Instead of connecting to a suspicious, unknown IP, the malware transmits the Client ID, the plaintext password, and the encoded certificate to a hardcoded endpoint on Sentry, a widely used error-monitoring platform.

By utilizing Sentry as a Command and Control (C2) or exfiltration channel, the attackers successfully blend their malicious traffic with legitimate telemetry data, making detection via standard egress filtering significantly more difficult.

NuGet listing for Sicoob.Sdk
NuGet listing for Sicoob.Sdk showing cumulative downloads across malicious versions (Source: Socket)

To further evade automated sandbox analysis and manual scrutiny, the attackers implemented a production-only trigger. The exfiltration logic remains dormant during testing or debugging phases, only activating when the application environment is set to “Production.”

Source-to-Package Mismatch: A Deceptive Strategy

The investigation revealed a highly coordinated impersonation campaign. The attackers established a GitHub organization and a NuGet profile designed to mimic Sicoob’s official digital footprint. Interestingly, the public GitHub repository contained clean, benign source code. However, the compiled NuGet binaries contained the malicious payload, a classic example of a source-to-package mismatch designed to deceive developers who perform a quick audit of the source code but rely on the pre-compiled package for deployment.

Suspicious GitHub repository
The suspicious GitHub repository mimics official Sicoob documentation to establish false legitimacy (Source: Socket)

The impact of this breach is critical. Because PFX certificates contain private keys, an attacker possessing the certificate, the password, and the Client ID can effectively impersonate the victim application. This grants the ability to execute unauthorized financial transactions, access private banking data, and manipulate services like Pix payments and boleto processing within the Sicoob ecosystem.

Incident Response and Mitigation

If your organization has utilized the affected packages, you must treat all associated cryptographic material as compromised. We recommend the following immediate actions:

  1. Credential Rotation: Revoke all PFX certificates and rotate all associated Client IDs and passwords immediately.
  2. Log Auditing: Inspect outbound network logs for unusual connections to Sentry ingestion endpoints.
  3. Dependency Verification: Implement strict checksum validation and ensure all third-party dependencies are pulled from verified, official vendor feeds.
  4. Environment Scanning: Audit CI/CD pipelines to ensure no malicious artifacts were cached or deployed during the window of infection.

Indicators of Compromise (IoCs)

Malicious Package:
Sicoob.Sdk (Versions 2.0.0 through 2.0.4)

Related Impersonation Packages:
The following packages are part of the identified set:
Sicoob-Cooperativa.Sicoob.Auth, Sicoob-Cooperativa.Sicoob.CobrancaV3, Sicoob-Cooperativa.Sicoob.ContaCorrente, Sicoob-Cooperativa.Sicoob.ConvenioPagamentos, Sicoob-Cooperativa.Sicoob.Investimentos, Sicoob-Cooperativa.Sicoob.OpenFinance, Sicoob-Cooperativa.Sicoob.PagamentosPix, Sicoob-Cooperativa.Sicoob.PagamentosV3, Sicoob-Cooperativa.Sicoob.Pix, Sicoob-Cooperativa.Sicoob.Poupanca, Sicoob-Cooperativa.Sicoob.SpbTransferencias

Infrastructure:
NuGet Owner: sicoob (https://www.nuget.org/profiles/sicoob)
GitHub Org: Sicoob-Cooperativa (https://github[.]com/Sicoob-Cooperativa)
GitHub Contributor: joaobcdev (https://github[.]com/joaobcdev)

Exfiltration Endpoint (Sentry):
DSN: hxxps://d565e3f03d0b1a7c8935d7ff94237316@o4511335034847232[.]ingest[.]de[.]sentry[.]io/4511337546317904
Host: o4511335034847232[.]ingest[.]de[.]sentry[.]io
Project ID: 4511337546317904
Public Key: d565e3f03d0b1a7c8935d7ff94237316

Note: IoCs have been defanged to prevent accidental execution.

Related Articles

Back to top button
xqVxbhUZ N QYtXLZaw ExgoJWEXxg