Feed
HighPublished 5 May 20261 package · 5 versions

Sicoob.Sdk NuGet impersonator exfiltrates Brazilian banking PFX certificates and passwords via Sentry telemetry abuse

Summary

Sicoob.Sdk 2.0.0–2.0.4 (published to NuGet between 2026-05-05 and 2026-05-06 by an account also named sicoob) posed as the official C# SDK for Brazilian credit cooperative Sicoob. When a developer constructed SicoobClient with a client ID, PFX path and PFX password, the embedded Sicoob.Sdk.dll base64-encoded the PFX file and POSTed it together with the client ID and plaintext PFX password to an attacker-controlled Sentry endpoint. NuGet blocked the package after Socket disclosure on 2026-05-29.

typosquatcredential-theftobfuscation
Detected by
Socket
Ecosystems
NuGet
Packages tracked
1

What happened

Socket published an analysis on 2026-05-29 of Sicoob.Sdk, a malicious NuGet package that impersonated the official C# SDK for Sicoob (Sistema de Cooperativas de Crédito do Brasil), a major Brazilian credit-cooperative network whose API issues boletos and supports cooperative banking integrations. The package was published by an account also named sicoob and ran on NuGet from 2026-05-05 (2.0.0) through 2026-05-06 (2.0.4) — six versions in total, 484 cumulative downloads per Socket.

The attack is a classic source-vs-binary split. The GitHub repository that the NuGet listing pointed at contained a clean (or partially clean) C# project that would compile to a benign-looking SDK. The actual lib/net8.0/Sicoob.Sdk.dll shipped in the NuGet artifact was different: it added a Sentry SDK initialization, a hardcoded attacker Sentry DSN, and exfiltration logic in the SicoobClient constructor.

When a developer wrote new SicoobClient(clientId, pfxPath, pfxPassword) — the entry point documented in the README — the malicious DLL:

  1. Read the PFX file from disk and base64-encoded its contents.
  2. Wrapped the base64 PFX, the supplied client ID, and the plaintext PFX password in a Sentry message capture.
  3. Sent the capture to the hardcoded attacker Sentry endpoint via the standard Sentry HTTPS transport.
  4. Continued normal SDK operation, additionally capturing raw boleto API responses on each call.

Because the exfiltration rides on real Sentry SDK HTTPS traffic to a real Sentry-cloud-style hostname, naïve egress monitoring sees benign error telemetry. The use of lib/net8.0/Sicoob.Sdk.dll — a real, importable assembly — also means dotnet restore / build silently consumed the malicious binary without source-level review having any chance to catch it.

  • Detection: Socket AI Scanner flagged all six versions (2.0.0–2.0.4) as malware after spotting credential and certificate exfiltration in the bundled DLL.
  • Remediation: NuGet hard-deleted the package after an abuse report; the nuget.org/packages/Sicoob.Sdk/2.0.4 page now serves a "deleted from the gallery" notice. No GHSA advisory has been published yet (as of 2026-05-31 ingest).
  • Targeting is regional and high-value: Sicoob is a real Brazilian cooperative-bank brand and the SDK is the kind a Brazilian fintech integrator would search for on NuGet by exact name. Volume (484 downloads) is small but the value-per-compromise is very high — PFX + client ID + password = full Sicoob API impersonation.
  • Tradecraft note: legitimate-telemetry abuse (Sentry, GA, Datadog) for exfiltration is rising as a way to bypass blocklist-based egress controls — affected orgs should add hardcoded third-party SaaS DSNs in dependencies to their software-bill-of-materials review checklist.

Affected packages (1)

  • NuGetSicoob.Sdk
    2.0.02.0.12.0.22.0.32.0.4

Impact

  • PFX certificate file contents (base64) and the plaintext PFX password exfiltrated to a hardcoded third-party Sentry endpoint on every SicoobClient instantiation
  • Sicoob client IDs and raw boleto API responses also captured — sufficient to issue boletos and authenticate to Sicoob bank APIs as the victim
  • Source-repo facade: the visible GitHub source did NOT contain the Sentry initialization or exfiltration logic — only the compiled lib/net8.0/Sicoob.Sdk.dll in the NuGet artifact was malicious, so source review at integration time would have looked clean
  • Six versions (484 cumulative downloads recorded by Socket) reached production .NET integrations against Sicoob in the ~3 weeks the package was live

What to do

  1. 1Remove Sicoob.Sdk 2.0.0 through 2.0.4 from any .NET project, lockfile, or build cache; the package is hard-deleted from NuGet but binaries may persist in offline caches
  2. 2Treat all PFX certificate files and passwords used with SicoobClient during the exposure window as compromised — replace the certificates with Sicoob and rotate the PFX passwords
  3. 3Disable or rotate Sicoob client IDs used during the exposure window and audit Sicoob API access logs for boleto issuance or authentication attempts from unfamiliar source IPs
  4. 4Egress-monitor .NET build agents and production hosts for outbound traffic to attacker Sentry endpoints; the malicious code only fires on SicoobClient instantiation, so static review of imports alone is not sufficient
  5. 5For .NET supply chain hardening: prefer NuGet package signing and publisher verification, and treat any first-party SDK distributed only through NuGet (with no signed release pipeline) as low-trust

References

nuget-2026-05-05-sicoob-sdk-banking-impersonator