MAL-2026-4395

Import Source: https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/npm/@inetafrica/open-claudia/MAL-2026-4395.json
JSON Data: https://api.osv.dev/v1/vulns/MAL-2026-4395
Withdrawn: 2026-05-26T18:04:02Z
Published: 2026-05-22T09:30:38Z
Modified: 2026-05-27T00:31:56.125085703Z
Summary: Malicious code in @inetafrica/open-claudia (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (09b3881ec598069649e57612f04359886ef22331899541885248ea6a0a41bce2)

Multiple files in this package contain a Telegram-bot-based command-and-control and exfiltration framework wired to install/runtime-reachable code paths. setup.js (line 57, 73) and health.js (line 90) embed hardcoded https://api.telegram.org endpoints used in https GET/POST/request calls combined with child_process, fs, and os reads of process.env, process.platform, and host identifiers (whoami, id, ping). bot-agent.js, bot.js, and core/handlers.js compose the same primitive set: require('child_process') + require('https') + filesystem enumeration (fs.existsSync, fs.readdirSync) + outbound POSTs, with curl/ping shell-outs at bot-agent.js lines 598–608/1164. core/loopback.js exposes a local HTTP server staging system info via os.tmpdir(). The combined shape — Telegram C2 endpoints, host fingerprinting via shell commands, filesystem enumeration, environment-variable harvesting, and bot-agent automation — matches an installer-side credential and host-data exfiltration tool delivered via an npm package, not a legitimate Claude/Cursor helper as the name suggests. Installing or running this package will leak environment variables, host identifiers, and filesystem state to attacker-controlled Telegram bots and likely accept remote commands back via the same channel.

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "09b3881ec598069649e57612f04359886ef22331899541885248ea6a0a41bce2",
            "source": "amazon-inspector",
            "modified_time": "2026-05-22T09:30:38Z",
            "versions": [
                "2.2.15"
            ],
            "id": "IN-MAL-2026-004177",
            "import_time": "2026-05-26T05:52:05.215343928Z"
        },
        {
            "source": "amazon-inspector",
            "sha256": "766e927208a79fafba984ef22edef82ea87cdb9c520c5e9cbaa9e63fd47be70e",
            "modified_time": "2026-05-24T09:16:41Z",
            "versions": [
                "2.2.16"
            ],
            "id": "IN-MAL-2026-004474",
            "import_time": "2026-05-26T05:52:40.282374032Z"
        }
    ]
}

Affected packages

npm / @inetafrica/open-claudia

Package

Name: @inetafrica/open-claudia
Purl: pkg:npm/%40inetafrica%2Fopen-claudia

Affected ranges

Affected versions

2.*
2.2.15
2.2.16

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/withdrawn/npm/@inetafrica/open-claudia/MAL-2026-4395.json"
cwes
[
    {
        "description": "The product contains code that appears to be malicious in nature.",
        "name": "Embedded Malicious Code",
        "cweId": "CWE-506"
    }
]