Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys


Sep 06, 2025
Ravie Lakshmanan

Software Security / Cryptocurrency

A recent discovery in the npm package registry has unveiled four malicious packages designed to steal cryptocurrency wallet credentials from Ethereum developers.

The packages, uploaded under the username “flashbotts,” have been posing as legitimate cryptographic tools and Flashbots MEV infrastructure while covertly extracting private keys and mnemonic seeds to a Telegram bot controlled by the threat actor, according to Socket researcher Kush Pandya’s analysis.

The packages were first introduced to npm in September 2023 by the user “flashbotts,” with the latest upload dated August 19, 2025. The list of packages, still available for download, includes:

The mimicking of Flashbots is strategic, considering its crucial role in addressing the negative impacts of MEV on the Ethereum network, such as sandwich, liquidation, backrunning, and front-running attacks.

One of the most dangerous libraries identified is “@flashbotts/ethers-provider-bundle,” which disguises its malicious activities under the guise of offering full Flashbots API compatibility, utilizing stealthy tactics to extract data over SMTP using Mailtrap.

Furthermore, the npm package implements a function to manipulate transactions, redirecting them to an attacker-controlled wallet address and logging metadata from pre-signed transactions.

sdk-ethers, although mostly harmless, contains functions to send mnemonic seed phrases to a Telegram bot, activated only when unknowingly invoked by developers.

Another package, flashbot-sdk-eth, also masquerading as Flashbots, aims to steal private keys, while gram-utilz facilitates the exfiltration of data to the threat actor’s Telegram chat.

Given that mnemonic seed phrases provide access to cryptocurrency wallets, their theft could grant threat actors complete control over victims’ assets.

The presence of Vietnamese language comments in the source code hints at a financially motivated threat actor possibly fluent in Vietnamese.

The discovery highlights a calculated attempt by attackers to exploit platform trust for software supply chain attacks, camouflaging malicious code within harmless utilities to evade detection.

Pandya emphasized the risk posed by these packages, noting that compromised private keys within trusted SDKs could result in immediate and irreversible theft of funds.

These packages, by leveraging familiar names and concealing malicious code, transform routine Web3 development into a conduit for threat actors to access developer-controlled Telegram bots.