HackMyIP
2026-05-29 The Hacker News

Malicious Sicoob NuGet Package Steals Banking Credentials from Developers

Supply Chain · Malware · Data Breach

Cybersecurity researchers have uncovered a malicious NuGet package disguised as an official C# software development kit for Sicoob, one of Brazil's largest cooperative financial systems. The package, published as "Sicoob.Sdk" in versions 2.0.0 through 2.0.4, contains data-exfiltration code designed to steal authentication material: client IDs, PFX certificate files and their passwords, and Boleto API responses. According to security firm Socket, the package had been downloaded approximately 500 times before NuGet blocked it. The campaign relies on developers treating package registries as trusted sources of code and on the package's resemblance to a first-party SDK. Researchers recommend removing the package immediately and rotating every credential that passed through it, since the stolen material is enough to call Sicoob's banking APIs as the victim.

When a developer instantiates the SicoobClient with a client ID, a PFX file path, and the PFX password, the malicious package silently reads the certificate file from disk, Base64-encodes its contents, and sends the client ID, the password, and the encoded PFX to a hardcoded third-party Sentry endpoint, according to security researcher Kirill Boychenko. A separate Sentry path receives raw Boleto API responses, which can expose transaction details such as payment amounts, due dates, payer and payee information, and payment status. Boleto is a widely used cash payment method in Brazil for both online and offline purchases. Because the client ID and PFX are exactly the credentials the integration presents to Sicoob's API, the stolen material lets a threat actor impersonate the victim's integration, which could be used for unauthorized instant payments and fraudulent Pix QR code generation. Affected organizations should check their dependency manifests and lock files for the package and immediately review their Sicoob API activity for calls they did not make.

The publisher profile, registered under the username "sicoob", has published 11 other NuGet packages that together have been downloaded approximately 6,000 times. A notable feature of the attack is the source-to-package mismatch: the GitHub repository linked from the package appears clean and legitimate, while the malicious functionality exists only in the artifact distributed through NuGet, so reviewing the repository would not have revealed it. Google Search AI Mode also surfaced the package as a legitimate C# library for interacting with Sicoob's banking APIs, which may have amplified exposure among developers searching for official tools. Compromised Sicoob API authentication material poses indirect risks to end users through leaked downstream financial data or payment abuse. Developers who installed the package are advised to treat the certificate as compromised: rotating the PFX password alone is not sufficient when the PFX file itself was exfiltrated together with that password, so the exposed certificate should be replaced, and affected client IDs changed or disabled where applicable.
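Two points above matter for triage: the exfiltration lives in the shipped artifact rather than in the linked repository, and its tell is a hardcoded telemetry endpoint sitting next to certificate-reading code. The following Python script is an added example written for this page, not code from Socket, The Hacker News, or the package's authors. It relies on two facts about the format: a .nupkg is a zip archive, and a .NET assembly stores type and method names in the UTF-8 #Strings metadata heap and string literals (such as a hardcoded URL) in the UTF-16LE #US heap, so a byte-level scan for both encodings surfaces indicators without a decompiler. The DSN key, the host sentry.example.com, the file names and the fake assemblies are constructed sample data; a real run would pass the bytes of a downloaded .nupkg to triage_nupkg.

```python
"""Offline triage of a .nupkg for a hardcoded telemetry DSN next to certificate handling.

Added example, not code from Socket or The Hacker News. Heuristic only: literals that
are decrypted or assembled at runtime will not appear as plain UTF-16LE strings.
"""
import io
import re
import zipfile

# DSN shape used by Sentry and self-hosted Sentry: https://<hex key>@<host>/<project id>
DSN_RE = re.compile(r"https?://[0-9a-f]{16,64}@[A-Za-z0-9.-]+(?::\d+)?/\d+", re.I)

# Metadata names that, next to a DSN, suggest a PFX is read, encoded and shipped.
CERT_INDICATORS = ("X509Certificate2", "ReadAllBytes", "ToBase64String", "Sentry")

ASCII_RUN = re.compile(rb"[\x20-\x7e]{6,}")            # #Strings heap identifiers
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){6,}")    # #US heap string literals

SAMPLE_DSN = "https://0123456789abcdef0123456789abcdef@sentry.example.com/42"  # constructed


def extract_strings(blob: bytes) -> list[str]:
    """Printable ASCII runs (metadata names) plus UTF-16LE runs (string literals)."""
    ascii_strings = [m.decode("ascii") for m in ASCII_RUN.findall(blob)]
    utf16_strings = [m.decode("utf-16-le") for m in UTF16_RUN.findall(blob)]
    return ascii_strings + utf16_strings


def triage_assembly(blob: bytes) -> dict:
    """Return DSN-shaped URLs and certificate-handling names found in one assembly."""
    strings = extract_strings(blob)
    dsns = sorted({m.group(0) for s in strings for m in DSN_RE.finditer(s)})
    indicators = sorted({ind for ind in CERT_INDICATORS for s in strings if ind in s})
    return {"dsns": dsns, "cert_indicators": indicators}


def triage_nupkg(nupkg: bytes) -> dict:
    """Scan every .dll in the package; flag an assembly that has both a DSN and cert handling."""
    report = {"assemblies": {}, "dsns": [], "cert_indicators": [], "suspicious": False}
    with zipfile.ZipFile(io.BytesIO(nupkg)) as zf:
        for name in zf.namelist():
            if not name.lower().endswith(".dll"):
                continue
            result = triage_assembly(zf.read(name))
            report["assemblies"][name] = result
            report["dsns"] = sorted(set(report["dsns"]) | set(result["dsns"]))
            report["cert_indicators"] = sorted(
                set(report["cert_indicators"]) | set(result["cert_indicators"]))
            if result["dsns"] and result["cert_indicators"]:
                report["suspicious"] = True
    return report


def build_sample_nupkg(malicious: bool) -> bytes:
    """Constructed stand-in for a package: a fake assembly carrying both metadata heaps.

    Both variants reference X509Certificate2 and File.ReadAllBytes, because any SDK that
    authenticates with a PFX legitimately does; only the malicious one carries a DSN.
    """
    names = (b"System.Security.Cryptography.X509Certificates\x00X509Certificate2\x00"
             b"System.IO.File\x00ReadAllBytes\x00Convert\x00ToBase64String\x00")
    literal = SAMPLE_DSN if malicious else "https://api.example.com/boleto"  # constructed
    fake_dll = b"MZ\x90\x00" + b"\x00" * 16 + names + b"\x00\x00" + literal.encode("utf-16-le") + b"\x00\x00"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("Sample.Sdk.nuspec", "<package/>")            # constructed placeholder
        zf.writestr("lib/net8.0/Sample.Sdk.dll", fake_dll)
    return buf.getvalue()


if __name__ == "__main__":
    for flag in (True, False):
        report = triage_nupkg(build_sample_nupkg(flag))
        print(f"malicious={flag}: suspicious={report['suspicious']} "
              f"dsns={report['dsns']} cert_indicators={report['cert_indicators']}")
```

Certificate handling on its own is not a signal: any SDK that authenticates to an API with a PFX will reference X509Certificate2, which is why the benign sample reports the indicators but is not flagged. The combination of those names with a DSN-shaped URL in the same assembly is what warrants opening the assembly in a decompiler and comparing it with a build of the linked repository.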

Source: The Hacker News
