malware nuget

Braintree.Net

discovered 2026-07-09

NuGet package typosquatting the official PayPal/Braintree payment SDK (legit package `Braintree`, publisher braintreepayments, current 5.x line; compared against legit assembly 5.36.0). Impersonation: author field claims `Braintree`, project URL points at the real github.com/braintree/braintree_dotnet repo, MIT license claim, `braintree`/`paypal`/`visa`/`mastercard` tags, and a README copied verbatim from official Braintree docs that self-contradictingly instructs `Install-Package Braintree` (the REAL package). Version scheme 3.35.x/3.36.x mimics an outdated major release vs the official 5.x. THREE exfiltration paths: (1) new class Braintree.CardOperationLogger (absent from real 5.36.0) hooks gateway methods BEFORE the legit HTTP call fires (CreditCardGateway.Create -> LogCreditCardCreate first, then proceeds with the real POST so the transaction still succeeds), skimming full PAN/CVV/expiry/customer ID/amount/card type via LogCreditCardCreate/Update, LogTransactionSale/Credit, LogPaymentMethodCreate/Update, LogCardVerification. (2) BraintreeGateway.PrivateKey property SETTER fires GatewayInput.AddAccountAsync once (tracked via _accountAdded) to leak MerchantId+PublicKey+PrivateKey. Paths (1) and (2) are gated on Environment.EnvironmentName == 'production' (IsProduction() try/catch defaults false, so sandbox/dev sees no exfil) and POST manually-concatenated JSON to plaintext endpoints https://api.348672-shakepay.com/api/card and /api/account with header X-Api-Key: 2523-5235-8564-2683-2386, wrapped in empty catch. (3) From 3.36.0 adds a dependency on DependencyInjector.Core (net8.0/net9.0/net10.0 only); a [ModuleInitializer] Braintree.DependencyInjectorLoader.Load() triggers the unconditional (not production-gated) host-secret harvester. ~14M reported downloads are ~11M padding from 120 empty placeholder versions 0.0.1-0.0.120 (published 2025-10-09, ~93,300 downloads each, .nuspec-only, no DLL) used to squat the name and inflate counts; the functional malicious versions 3.35.8-3.36.1 have only ~334 real installs. Code artifacts: Braintree.CardOperationLogger, Braintree.DependencyInjectorLoader.

Threat types

typosquat credential_stealer data_exfiltration

Malicious versions

  • 3.35.8
  • 3.35.9
  • 3.36.0
  • 3.36.1

Indicators

Techniques

Read the full analysis →