In the modern development landscape, supply chain attacks remain one of the most effective ways for threat actors to cast a wide net. The latest victim of this trend is the widely used Node.js ecosystem, where researchers from SafeDep have uncovered a malicious package masquerading as a popular utility.
The package, named pino-sdk-v2, is a classic example of a typosquatting or brand-impersonation attack. It targets users of pino, one of the most trusted loggers in the Node.js community, with nearly 20 million weekly downloads. By mimicking a legitimate SDK or version update, the attackers hope to catch developers off guard during routine dependency management.
A developer scanning the npm page would see the real pino author, repository, and documentation. As the SafeDep report highlights: “The package is a near copy of pino’s source, docs, and README with one addition: an obfuscated payload in lib/tools.js that scans .env files for secrets and exfiltrates them to a Discord webhook on require()”.
Unlike many malicious packages that rely on “install hooks” (which are often flagged by security scanners), pino-sdk-v2 takes a stealthier approach. The code only executes when the package is actually called in a project, effectively “bypassing scanners that only flag install scripts”.
Once a developer includes the package in their code, it immediately begins its reconnaissance. The obfuscated payload is specifically designed to hunt for credentials in a variety of environment configuration files, including:
- .env
- .env.local
- .env.production
- .env.development
- .env.example
The malware uses six different regular expression patterns to match secret values. One of these patterns is intentionally “overly broad” to ensure it “captures more credentials” by matching any line starting with the string “KEY=”.
Once the secrets are harvested, they aren’t sent to a typical command-and-control server. Instead, the malware formats the stolen data into a clean Discord embed, including the filename, key name, and line number where the secret was found. This data is then transmitted to a hardcoded Discord webhook.
The use of Discord as an exfiltration platform allows the attackers to blend in with legitimate developer traffic, making the theft harder to detect through standard network monitoring.
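The three traits described above (a trusted name with an SDK/version suffix, no install hook, and .env reads sitting next to a Discord webhook URL) can be turned into a static pre-merge check. The following is an added defensive example, not SafeDep's or pino's code; the trusted-name list, suffix list, indicator patterns and the SAMPLE package are constructed for illustration, and in practice the functions would be run over package-lock.json names and each node_modules source file.

```javascript
// Added example (not SafeDep's code): static heuristics for spotting a
// pino-sdk-v2-style package. TRUSTED list, suffixes and SAMPLE are constructed.
const TRUSTED = ['pino', 'express', 'lodash'];
// Check 1: names that extend a trusted name with an SDK/version suffix
// ("pino-sdk-v2" impersonating "pino"). Exact trusted names pass.
function impersonationSuspects(dependencyNames) {
  const re = /^([a-z0-9.]+)(?:-(?:sdk|v\d+|js|node|utils?))+$/;
  return dependencyNames.filter((name) => {
    const m = re.exec(name);
    return m !== null && TRUSTED.includes(m[1]) && !TRUSTED.includes(name);
  });
}
// Check 2: source indicators from the report: .env* file reads, the overly
// broad "KEY=" pattern and a hardcoded Discord webhook URL.
const INDICATORS = [
  { id: 'discord-webhook', re: /https?:\/\/(?:[\w-]+\.)?discord(?:app)?\.com\/api\/webhooks\/\d+\/[\w-]+/i },
  { id: 'dotenv-read', re: /['"`]\.env(?:\.(?:local|production|development|example))?['"`]/ },
  { id: 'broad-key-regex', re: /KEY=/ },
];
function indicatorsIn(source) {
  return INDICATORS.filter(({ re }) => re.test(source)).map(({ id }) => id);
}
// Check 3: install hooks. Absence proves nothing (pino-sdk-v2 had none and
// ran on require()), so this is reported but never used to clear a package.
function hasInstallScripts(packageJson) {
  const scripts = packageJson.scripts || {};
  return ['preinstall', 'install', 'postinstall'].some((k) => k in scripts);
}
function assessPackage({ name, packageJson, source }) {
  const indicators = indicatorsIn(source);
  return {
    name,
    impersonates: impersonationSuspects([name]).length > 0,
    installScripts: hasInstallScripts(packageJson),
    indicators,
    // A secret-file read next to a webhook URL is the exfiltration signature.
    suspicious: indicators.includes('discord-webhook') && indicators.includes('dotenv-read'),
  };
}
// Constructed sample with a placeholder webhook id/token, not a real endpoint.
const SAMPLE = {
  name: 'pino-sdk-v2',
  packageJson: { name: 'pino-sdk-v2', scripts: { test: 'node test.js' } },
  source: 'const p = path.join(root, ".env.local");\n' +
    'const hook = "https://discord.com/api/webhooks/000000/PLACEHOLDER";\n' +
    'const keyRe = /^KEY=/;',
};
console.log(assessPackage(SAMPLE));
```

Regex heuristics of this kind produce false positives on legitimate dotenv tooling, so treat a hit as a prompt for manual review of the package's registry metadata and source, not as a verdict.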