pypi

solana-web3 @1.0.0

Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 4:30 AM UTC

Malicious

OSV ID

MAL-2026-5337

Ecosystem

pypi

Summary

On import, solana-web3/__init__.py executes a credential-stealer payload. It first runs a sandbox-evasion gate: if the hostname is a 12-character hex string (the Docker container default), /.dockerenv exists, or strace is present, it treats the host as an analysis environment and skips the payload.

Otherwise _collect() reads installer-side secrets: ~/.ssh/id_rsa, ~/.ssh/id_ed25519, ~/.aws/credentials, Solana keypairs at ~/.config/solana/id.json and ~/.solana/id.json, .env files in the current and parent directories as well as /app/.env and /root/.env, and bulk-scrapes os.environ for any variable whose name contains KEY, SECRET, MNEMONIC, PRIVATE, TOKEN, PASSWORD, AWS, NPM, GITHUB or SOLANA. The harvested data is POSTed to https://api.telegram.org/bot<redacted>/sendMessage using a hardcoded bot token and chat_id 8346336575.

_persist() then writes @reboot sleep 90 && python3 <__file__> into /tmp/.psync and merges it into the user's crontab, so the stealer re-runs on every reboot; uninstalling the package does not remove the crontab entry. Remediation therefore has to go beyond pip uninstall: remove the @reboot line from the crontab, delete /tmp/.psync, and rotate every credential the collector could have read.

The package name impersonates the well-known @solana/web3.js Solana SDK and advertises itself as a 'Community-maintained Solana Python SDK', but ships no SDK functionality, only the stealer. Its METADATA lists UNKNOWN homepage/license and a generic 'Solana Dev Community' author.

Source: amazon-inspector (4967ebad2d1f4f5802ef50f1d399c05c4dfab94a208079695570b15ffef0fdd2)
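As an added triage example (example code, not the advisory's, Amazon Inspector's, or the package's own), the two checks a responder would run on a host that installed solana-web3: a static scan of a package's source for the behaviours the summary describes (sandbox-evasion gate, secret-file reads, os.environ scraping, Telegram exfiltration, crontab persistence), and a scan of the user's crontab that isolates the @reboot persistence line and returns a cleaned crontab. The sample __init__.py text and crontab are constructed stand-ins built from the indicators in the summary, not the real payload; the site-packages install path in the crontab sample is assumed.

```python
"""Added triage helpers for the MAL-2026-5337 indicators (example code, not
the advisory's, Amazon Inspector's, or the package's own)."""
import re

# Behaviours the advisory attributes to solana-web3/__init__.py, as regexes
# over a package's source text. These are indicators, not the payload.
SOURCE_INDICATORS = {
    # Docker hostname / /.dockerenv / strace checks used to dodge sandboxes
    "sandbox_evasion": re.compile(r"/\.dockerenv|\bstrace\b|\[0-9a-f\]\{12\}"),
    # SSH keys, AWS credentials, Solana keypairs, .env files
    "secret_file_read": re.compile(
        r"\.ssh/id_(?:rsa|ed25519)|\.aws/credentials|solana/id\.json|(?<![\w.])\.env\b"
    ),
    # Hard-coded Telegram bot endpoint used for exfiltration
    "telegram_exfil": re.compile(r"api\.telegram\.org/bot[^\s/\"']*/sendMessage"),
    # Crontab persistence staged through /tmp/.psync
    "cron_persistence": re.compile(r"@reboot|/tmp/\.psync|\bcrontab\b"),
}
ENV_KEYWORDS = re.compile(
    r"\b(?:KEY|SECRET|MNEMONIC|PRIVATE|TOKEN|PASSWORD|AWS|NPM|GITHUB|SOLANA)\b"
)
# @reboot entry that runs python on a package file or a /tmp-staged script
CRON_PERSIST = re.compile(
    r"^\s*@reboot\b.*(?:\bpython[23]?\b.*(?:site-packages|dist-packages|/tmp/|__init__\.py)|/tmp/\.psync)"
)


def scan_package_source(src):
    """Map each indicator name to the distinct strings that triggered it."""
    hits = {}
    for name, rx in SOURCE_INDICATORS.items():
        found = sorted({m.group(0) for m in rx.finditer(src)})
        if found:
            hits[name] = found
    # os.environ scraping = environment access plus a list of secret-ish
    # keywords, so a lone os.environ.get("HOME") does not count.
    words = set(ENV_KEYWORDS.findall(src))
    if re.search(r"\bos\.environ\b", src) and len(words) >= 3:
        hits["environ_scrape"] = sorted(words)
    return hits


def verdict(hits):
    """True when the source both harvests secrets and exfiltrates, or stacks
    three or more of the indicator classes."""
    exfil = "telegram_exfil" in hits
    theft = "secret_file_read" in hits or "environ_scrape" in hits
    return (exfil and theft) or len(hits) >= 3


def scan_crontab(crontab_text):
    """Split a `crontab -l` dump into (suspicious lines, cleaned crontab text).

    After review, the cleaned text can be loaded back with `crontab -`.
    """
    suspicious, kept = [], []
    for line in crontab_text.splitlines():
        (suspicious if CRON_PERSIST.search(line) else kept).append(line)
    cleaned = "\n".join(kept) + ("\n" if kept else "")
    return suspicious, cleaned


# Constructed stand-in for the stealer's __init__.py: only the indicator
# strings from the advisory, none of the real logic. The site-packages path
# in the crontab sample is assumed, not taken from the advisory.
SAMPLE_INIT = '''
import os, re, socket
def _sandboxed():
    host = socket.gethostname()
    return (re.fullmatch(r"[0-9a-f]{12}", host) is not None
            or os.path.exists("/.dockerenv") or os.path.exists("/usr/bin/strace"))
SECRET_FILES = ["~/.ssh/id_rsa", "~/.ssh/id_ed25519", "~/.aws/credentials",
                "~/.config/solana/id.json", "~/.solana/id.json", ".env"]
ENV_WORDS = ("KEY", "SECRET", "MNEMONIC", "PRIVATE", "TOKEN", "PASSWORD")
def _collect():
    return {k: v for k, v in os.environ.items() if any(w in k for w in ENV_WORDS)}
EXFIL_URL = "https://api.telegram.org/bot<redacted>/sendMessage"
def _persist():
    open("/tmp/.psync", "w").write("@reboot sleep 90 && python3 " + __file__)
    os.system("crontab /tmp/.psync")
'''
SAMPLE_CRONTAB = """\
# m h dom mon dow command
0 2 * * * /usr/local/bin/backup.sh
@reboot /usr/bin/my-agent --daemon
@reboot sleep 90 && python3 /home/dev/.local/lib/python3.11/site-packages/solana-web3/__init__.py
"""

if __name__ == "__main__":
    hits = scan_package_source(SAMPLE_INIT)
    for name, strings in hits.items():
        print(f"{name}: {strings}")
    print("verdict:", "MALICIOUS" if verdict(hits) else "no indicators")
    bad, cleaned = scan_crontab(SAMPLE_CRONTAB)
    print("persistence lines:", bad)
    print("cleaned crontab:\n" + cleaned)
```

The source scan is deliberately indicator-based rather than a general malware detector: a legitimate app that loads a .env file and reads one token from os.environ trips at most one class and gets no verdict, while the stealer's combination of secret reads, keyword scraping and a Telegram endpoint does. The crontab scan only separates lines; a responder should still eyeball the suspicious entries before writing the cleaned text back, and check for /tmp/.psync on disk as the staging artifact.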
