Malicious NuGet Package Masquerades as Sicoob SDK to Exfiltrate Banking Credentials
A recent cybersecurity incident has unveiled a sophisticated supply chain attack targeting developers integrating with Brazil’s Sicoob banking APIs. A malicious NuGet package, deceptively named Sicoob.Sdk, was discovered exfiltrating sensitive banking credentials, highlighting significant vulnerabilities in software supply chains within the financial sector.
Discovery and Distribution
The fraudulent package surfaced on the NuGet repository in early May 2026, and multiple versions, 2.0.0 through 2.0.4, were published before its removal. It purported to offer a .NET 8 SDK for authentication, mutual TLS (mTLS), and API communication with Sicoob systems. Given Sicoob’s extensive user base across Brazil, the package was particularly appealing to developers working on financial applications.
Malicious Functionality
Upon closer examination, the SDK was found to contain concealed data exfiltration mechanisms. When developers initialized the client with a client ID, a PFX certificate file, and a password, the package clandestinely read the certificate from disk, encoded it, and transmitted it—along with the plaintext password and client ID—to a third-party Sentry endpoint. PFX files typically house both a certificate and its associated private key, essential for secure authentication. By obtaining both the certificate archive and its password, attackers could impersonate legitimate banking integrations, potentially gaining unauthorized access to sensitive financial APIs.
Exfiltration via Trusted Infrastructure
This attack’s sophistication is underscored by its use of legitimate telemetry infrastructure. Instead of employing traditional command-and-control servers, the malicious SDK leveraged Sentry, a widely trusted error monitoring platform, to transmit stolen data. This method allowed the exfiltration to blend seamlessly with normal application telemetry, evading detection. Both static and dynamic analyses confirmed that the exfiltration occurred during standard SDK initialization in production mode. The code initialized a hardcoded Sentry configuration and sent captured credentials as part of a telemetry message. In some instances, even financial transaction data, such as boleto payment responses, were included, exposing transaction details, payer information, and payment statuses.
Indicators of Compromise
The public GitHub repository associated with the SDK appeared clean, lacking the malicious logic found in the compiled NuGet package. This discrepancy indicates a deliberate supply chain attack, where a benign-looking codebase served as a façade while distributing a tampered binary via NuGet. Further investigation revealed that the publisher account hosted multiple Sicoob-branded packages, amplifying the potential reach of the attack.
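The two discrepancies described above, a hardcoded Sentry configuration in the shipped binary and a package whose compiled artifact does not match its public source, are both checkable statically before a package is ever referenced. The script below is an added example (it is not code from the report or from any SDK it names) that triages a .nupkg the way a defender would: it decodes the assembly's UTF-16LE string literals to look for DSN-shaped URLs, and it diffs the dependencies declared in the package's .nuspec against the PackageReference entries of the source repository's .csproj. The package, the stand-in assembly bytes, the DSN and the .csproj are all constructed in memory, so it runs offline; the DSN regex reflects the common Sentry DSN shape and is an assumption, not taken from the page.

```python
"""Static triage of a NuGet package (.nupkg) for hidden telemetry exfiltration.

Added example, not code from the original report or from any SDK it names.
It checks two things the article describes: a Sentry DSN hardcoded into the
shipped assembly, and a dependency the package declares in its .nuspec that
the public source repository's .csproj never references. The .nupkg, the
assembly bytes and the .csproj below are constructed in memory so the script
runs offline.
"""
import io
import re
import xml.etree.ElementTree as ET
import zipfile

# Common Sentry DSN shape (assumed): https://<hex public key>@<ingest host>/<project id>
DSN_RE = re.compile(r"https://[0-9a-f]{16,}@[A-Za-z0-9.-]+/\d+")

# Constructed placeholder DSN; not a real project key or host.
SAMPLE_DSN = "https://0123456789abcdef0123456789abcdef@o000000.ingest.example.invalid/1234567"

# Constructed .csproj standing in for the "clean" public repository.
SAMPLE_CSPROJ = """<Project Sdk="Microsoft.NET.Sdk">
  <ItemGroup>
    <PackageReference Include="System.Text.Json" Version="8.0.0" />
  </ItemGroup>
</Project>"""


def find_dsns(blob: bytes) -> set:
    """Return DSN-like URLs found as UTF-8 or UTF-16LE text.

    .NET string literals are stored UTF-16LE in the assembly's #US heap, so a
    plain byte search for "https://" would miss them; both byte alignments are
    decoded because the heap offset is not known in advance."""
    texts = [blob.decode("utf-8", errors="ignore")]
    for offset in (0, 1):
        texts.append(blob[offset:].decode("utf-16-le", errors="ignore"))
    return {m.group(0) for text in texts for m in DSN_RE.finditer(text)}


def _attr_values(root, tag: str, attr: str) -> set:
    """Collect attr from every element named tag, ignoring XML namespaces.
    NuGet package IDs are case-insensitive, so values are lower-cased."""
    return {el.get(attr).lower() for el in root.iter()
            if el.tag.rsplit("}", 1)[-1] == tag and el.get(attr)}


def triage(nupkg: bytes, csproj_xml: str) -> dict:
    """Cross-check a package against the source project it claims to be built from."""
    declared, embedded = set(), set()
    with zipfile.ZipFile(io.BytesIO(nupkg)) as zf:
        for name in zf.namelist():
            data = zf.read(name)
            if name.endswith(".nuspec"):
                declared |= _attr_values(ET.fromstring(data), "dependency", "id")
            else:
                embedded |= find_dsns(data)
    source_refs = _attr_values(ET.fromstring(csproj_xml), "PackageReference", "Include")
    undeclared = declared - source_refs
    return {
        "embedded_dsns": sorted(embedded),
        "deps_missing_from_source": sorted(undeclared),
        "suspicious": bool(embedded) or "sentry" in undeclared,
    }


def build_sample_nupkg(tampered: bool = True) -> bytes:
    """Constructed sample package: tampered=True adds a Sentry dependency to the
    .nuspec and a UTF-16LE DSN literal to a stand-in assembly file."""
    sentry_dep = '<dependency id="Sentry" version="4.0.0" />' if tampered else ""
    nuspec = f"""<?xml version="1.0"?>
<package xmlns="http://schemas.microsoft.com/packaging/2013/05/nuspec.xsd">
  <metadata>
    <id>Example.Bank.Sdk</id>
    <version>2.0.0</version>
    <dependencies>
      <group targetFramework="net8.0">
        {sentry_dep}
        <dependency id="System.Text.Json" version="8.0.0" />
      </group>
    </dependencies>
  </metadata>
</package>"""
    payload = SAMPLE_DSN.encode("utf-16-le") if tampered else b""
    fake_dll = b"MZ" + b"\x00" * 64 + payload + b"\x00" * 16  # stand-in, not a real PE
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Example.Bank.Sdk.nuspec", nuspec)
        zf.writestr("lib/net8.0/Example.Bank.Sdk.dll", fake_dll)
    return buf.getvalue()


if __name__ == "__main__":
    for tampered in (True, False):
        label = "tampered" if tampered else "clean"
        print(label, triage(build_sample_nupkg(tampered), SAMPLE_CSPROJ))
```

Against a real package the same two calls apply: feed `triage()` the downloaded .nupkg bytes and the .csproj text from the repository the package points at. A telemetry or error-reporting dependency that the source never declares, or an ingest URL baked into the binary, is exactly the kind of mismatch between code and artifact the article describes and is a reason to hold the package back for review.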
Broader Implications
This incident is not isolated. Similar supply chain attacks have been documented, targeting various sectors and employing comparable tactics:
– Malicious NuGet Packages Targeting ASP.NET Developers: In February 2026, four malicious NuGet packages—NCryptYo, DOMOAuth2_, IRAOAuth2.0, and SimpleWriter_—were identified. These packages aimed to steal login credentials and implant persistent backdoors in web applications. They were published by a threat actor under the username hamzazaheer and collectively amassed over 4,500 downloads. The attack involved typosquatting, where NCryptYo mimicked the widely used NCrypto package, and employed obfuscation techniques to evade detection. Once active, the packages collected ASP.NET Identity data and transmitted it to attacker-controlled servers. ([cybersecuritynews.com](https://cybersecuritynews.com/malicious-nuget-packages-attacking/?utm_source=openai))
– Malicious NuGet Packages Mimicking Nethereum Project: In October 2025, counterfeit packages named Netherеum.All and NethereumNet were discovered impersonating the popular Nethereum library. These packages used advanced obfuscation techniques to exfiltrate sensitive wallet credentials, including private keys and mnemonics. The attack leveraged a homoglyph typosquatting technique, replacing the Latin letter e with a visually identical Cyrillic character, making the fraudulent package nearly indistinguishable from the legitimate one. ([cybersecuritynews.com](https://cybersecuritynews.com/malicious-nuget-packages/?utm_source=openai))
– Weaponized NuGet Packages Injecting Destructive Payloads: In November 2025, nine malicious NuGet packages were identified, designed to inject destructive payloads into industrial control systems. Published under the alias shanhai666, these packages accumulated nearly 9,500 downloads before detection. The threat actor provided complete, working implementations of their advertised features, blurring the line between legitimate functionality and malicious intent. ([cybersecuritynews.com](https://cybersecuritynews.com/weaponized-nuget-packages/?utm_source=openai))
Mitigation Strategies
To safeguard against such supply chain attacks, developers and organizations should adopt the following practices:
1. Verify Package Authenticity: Before integrating third-party packages, confirm their legitimacy by checking official repositories, reviewing the publisher’s credentials, and examining user reviews.
2. Monitor for Typosquatting: Be vigilant for packages with names similar to popular libraries, as they may be malicious attempts to deceive developers.
3. Inspect Code and Dependencies: Regularly review the code and dependencies of integrated packages for any suspicious or unauthorized changes.
4. Implement Security Tools: Utilize security tools that can detect and alert on anomalous behaviors, such as unexpected network communications or data exfiltration attempts.
5. Educate Development Teams: Provide training on the risks associated with third-party packages and the importance of adhering to security best practices.
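Steps 1 through 3 above, together with the typosquatting and homoglyph tricks described in the earlier incidents (NCryptYo against NCrypto, a Cyrillic e inside Netherеum.All), can be turned into an automated check over a project's PackageReference entries. The script below is an added example, not code from the article or from any project it names: it flags package IDs containing non-Latin letters, folds common confusables to Latin and compares the result against a list of popular packages to catch near-miss names, and reports anything outside an organisational allowlist. The popular-package list, the allowlist, the confusables subset and the .csproj are constructed samples.

```python
"""Audit the PackageReference entries of a .NET project for typosquatting.

Added example; not code from the original article or from any project it
names. It applies three of the checks the mitigation list calls for: flag
package names that mix Unicode scripts (the Cyrillic-e homoglyph trick),
flag near-miss names against a list of popular packages (NCryptYo against
NCrypto), and flag anything outside an organisational allowlist. The popular-
package list, the allowlist and the .csproj are constructed samples.
"""
import difflib
import unicodedata
import xml.etree.ElementTree as ET
from typing import Optional

# Constructed: a short stand-in for a list of widely used package IDs (lower-case).
KNOWN_PACKAGES = {"ncrypto", "nethereum.all", "newtonsoft.json"}
# Constructed: packages this organisation has reviewed and approved.
APPROVED = {"newtonsoft.json"}

# Cyrillic letters that render like Latin ones, mapped to their Latin look-alikes
# (a deliberately small subset; Unicode's confusables.txt is the full list).
CONFUSABLES = str.maketrans("\u0430\u0435\u043e\u0440\u0441\u0445\u0443\u0456", "aeopcxyi")


def letter_scripts(name: str) -> set:
    """Script of every letter, taken from the Unicode character name
    ('CYRILLIC SMALL LETTER IE' -> 'CYRILLIC')."""
    return {unicodedata.name(ch, "UNKNOWN").split(" ")[0]
            for ch in name if ch.isalpha()}


def homoglyph_finding(name: str) -> Optional[str]:
    """Package IDs are expected to be Latin letters; any other script is a red flag."""
    foreign = letter_scripts(name) - {"LATIN"}
    return f"non-Latin letters: {sorted(foreign)}" if foreign else None


def fold_confusables(name: str) -> str:
    """Normalise the name the way a human eye does: NFKC, confusables to Latin, lower-case."""
    return unicodedata.normalize("NFKC", name).translate(CONFUSABLES).lower()


def near_miss(name: str) -> Optional[str]:
    """Return the popular package this name resembles, or None if it is exact or unrelated."""
    folded = fold_confusables(name)
    if folded in KNOWN_PACKAGES:
        # Exact after folding but not before: a homoglyph impersonation.
        return None if folded == name.lower() else folded
    close = difflib.get_close_matches(folded, KNOWN_PACKAGES, n=1, cutoff=0.8)
    return close[0] if close else None


def audit_csproj(csproj_xml: str) -> list:
    """Run all checks over every PackageReference; returns one dict per flagged package."""
    findings = []
    for el in ET.fromstring(csproj_xml).iter():
        if el.tag.rsplit("}", 1)[-1] != "PackageReference" or not el.get("Include"):
            continue
        name = el.get("Include")
        issues = []
        if (h := homoglyph_finding(name)):
            issues.append(h)
        if (m := near_miss(name)):
            issues.append(f"resembles {m}")
        if fold_confusables(name) not in APPROVED:
            issues.append("not on the approved list")
        if issues:
            findings.append({"package": name, "issues": issues})
    return findings


# Constructed .csproj with one clean reference and two look-alikes.
SAMPLE_CSPROJ = """<Project Sdk="Microsoft.NET.Sdk">
  <ItemGroup>
    <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
    <PackageReference Include="NCryptYo" Version="1.0.0" />
    <PackageReference Include="Nether\u0435um.All" Version="4.0.0" />
  </ItemGroup>
</Project>"""


if __name__ == "__main__":
    for finding in audit_csproj(SAMPLE_CSPROJ):
        print(finding["package"], "->", "; ".join(finding["issues"]))
```

The allowlist check is the one that would have caught the Sicoob.Sdk package itself, since no amount of name analysis distinguishes a well-chosen brand name from the real thing; the script-mixing and near-miss checks cover the cheaper impersonations. Run it in CI against every .csproj so that a new or renamed reference fails the build until someone has done the verification steps 1 through 3 describe.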
Conclusion
The discovery of the malicious Sicoob.Sdk NuGet package underscores the critical need for vigilance in the software supply chain, especially within the financial sector. By implementing robust verification processes, continuous monitoring, and comprehensive security education, developers and organizations can mitigate the risks posed by such sophisticated attacks.