Braintree.Net NuGet payment skimmer
Summary
Socket's July 9, 2026 analysis describes Braintree.Net as a malicious NuGet typosquat that impersonated PayPal Braintree's legitimate .NET SDK. The package copied the official SDK's API surface closely enough for payment integrations to keep working, while adding a multi-stage .NET implant that intercepted payment-card data, stole Braintree merchant credentials, and harvested host environment secrets.
The official NuGet package is Braintree in the 5.x line and is maintained under the braintreepayments profile. The malicious package used the lookalike name Braintree.Net, claimed the author Braintree, pointed metadata at the legitimate braintree/braintree_dotnet GitHub repository, and routed stolen data to attacker-controlled infrastructure at api.348672-shakepay[.]com.
Tags
- ops
- supply chain
- NuGet
- .NET
- payment skimmer
- credit card theft
- credential theft
- merchant credential theft
- environment variable theft
- typosquatting
- package registry
- Braintree
- PayPal
- Socket Security
Why this matters
- This is a payment-path package compromise: production applications using the typosquat could leak card numbers, CVVs, expiration data, merchant IDs, public keys, private keys, and access tokens while legitimate Braintree API calls still succeeded.
- The malicious package did not rely only on install-time execution. It activated at assembly load, when gateway private keys were configured, and when payment-card creation flows were called.
- The package's inflated download count created false reputation. Socket reported roughly 14 million displayed downloads, with about 11 million coming from 120 empty placeholder versions published on a single day.
- The campaign abused both a direct typosquat (
Braintree.Net) and a companion package (DependencyInjector.Core) that acted as a token / environment harvester and was pulled transitively by other packages.
Affected packages
Socket identifies the following NuGet package versions as containing confirmed malicious code:
pkg:nuget/braintree.net@3.35.8pkg:nuget/braintree.net@3.35.9pkg:nuget/braintree.net@3.36.0pkg:nuget/braintree.net@3.36.1pkg:nuget/dependencyinjector.core@1.0.0pkg:nuget/dependencyinjector.core@1.3.0pkg:nuget/dependencyinjector.core@1.4.0pkg:nuget/dependencyinjector.core@1.4.1
Socket also reported the following versions as transitively affected because they pulled in malicious DependencyInjector.Core:
pkg:nuget/sipnet@12.8.4pkg:nuget/sipnet@12.8.5pkg:nuget/sipnet@12.8.6pkg:nuget/sipnet@12.8.7pkg:nuget/sipnet.openai.realtime@12.8.3throughsipnet
Technical details
Camouflage
Braintree.Net shipped real-looking Braintree.dll assemblies for net452, netstandard2.0, net8.0, net9.0, and net10.0. Its public API included familiar Braintree gateway, credit-card, transaction, webhook, and GraphQL client types. Socket notes that the bundled README was copied from official Braintree documentation and even instructed users to install the real package name, Braintree, rather than Braintree.Net.
Socket's comparison with official Braintree 5.36.0 found that the legitimate assembly did not contain CardOperationLogger, DependencyInjectorLoader, or a reference to DependencyInjector.Core; the typosquat added all three.
Execution flow
When a .NET application referenced the typosquat and loaded the assembly, the implant exposed three independent exfiltration paths:
- Assembly-load / module-initializer path:
Braintree.DependencyInjectorLoader.Load()andDependencyInjector.Core.AutoInitializerinvokedCodebaseAnalyzer.AnalyzeAndPrint()to POST environment, configuration, and cloud metadata to/api/analytics/report. - Merchant-credential path: the
BraintreeGateway.PrivateKeysetter, gated on production environment configuration, invokedGatewayInput.AddAccountAsync()to POSTmerchantId,publicKey, andprivateKeyto/api/account. - Payment-card path:
CardOperationLogger.LogCreditCardCreate()hookedgateway.CreditCard.Create(request)before the legitimate Braintree request and POSTed card data, including card number, CVV, and expiration details, to/api/card.
Socket reports that each exfiltration path swallowed exceptions with empty catch blocks, allowing the host application to continue if network, TLS, or payload errors occurred.
Infrastructure and gating
- C2 / exfiltration host:
api.348672-shakepay[.]com - Reported paths:
/api/analytics/report,/api/account,/api/card - Socket notes production-only gating for the merchant-key and card-interception paths, reducing obvious test-environment noise while targeting live payment integrations.
- Socket reported an
X-Api-Keyheader pattern beginning2523-5...2386in network-hunt guidance.
Defender heuristics
- Remove
Braintree.Netfrom all projects, central package-management files, lockfiles, package caches, build caches, CI runners, and internal NuGet mirrors. Replace it with the officialBraintreepackage only after validating source and publisher. - Search dependency graphs for
Braintree.Net,DependencyInjector.Core,SipNet, andSipNet.OpenAI.Realtime; do not scope only direct payment-service dependencies. - Rotate Braintree
merchantId,publicKey,privateKey, access tokens, and any surrounding payment-service credentials for any environment that ever loaded the affected packages. - Treat production card data as potentially disclosed if card numbers or CVVs passed through the poisoned SDK. Engage PCI incident-response and notification workflows where applicable.
- Hunt proxy, firewall, EDR, and application logs for outbound POSTs to
api.348672-shakepay[.]com, especially to/api/analytics/report,/api/account, or/api/card. - Flag NuGet packages that combine official-project metadata with mismatched publisher identity, unusual version-line divergence from the official SDK, inflated download counts from placeholder releases, and realistic API-surface cloning.
Related pages
- Paysafe / Skrill / Neteller npm and PyPI typosquat stealer campaign
- Sicoob.Sdk NuGet banking certificate stealer
- Operation DangerousPassword axios npm compromise
- Crypto supply-chain path to transaction authority
Sources
- Socket: https://socket.dev/blog/braintree-nuget-typosquat-skims-credit-cards