-= Per source details. Do not edit below this line.=-
The package ships shared/keys.json containing 9 AES-256-GCM-encrypted Groq API keys. The decryption key is a fixed byte sequence ('pageai-pool-v2') hardcoded in dist/cli/index.js (and dist/shared/index.cjs / dist/shared/index.js), which means every installer obtains usable Groq API credentials owned by a third party. The README explicitly advertises this as a feature ('on first install you don't even need to paste your own key') and explicitly states the encryption exists to defeat automated key scanners. This is live-credential redistribution to anyone who installs the package, exposing the key-owner's Groq account to abuse and billing fraud by every installer.

Additional concerns observed in the package, while not the primary block basis: when the operator runs npx idlidosa start, the CLI installs a Windows scheduled task named 'MicrosoftEdgeWebView2Update' that fires every minute, copies and rewrites version metadata on a bundled Electron binary to impersonate Microsoft Edge WebView2 ('CompanyName=Microsoft Corporation'), sets a guard process title to 'Windows Audio Device Graph Isolation', and ships PowerShell DLL-injection tooling (injectdll.ps1, findtestpad.ps1, unprotect.dll) that scans for windows whose titles contain 'testpad', 'exam', or 'assessment' to clear WDA_EXCLUDEFROMCAPTURE on proctoring software. These behaviors fire only after explicit user invocation of the CLI and do not target the installer's secrets, but they corroborate the package's adversarial posture.
{
"malicious-packages-origins": [
{
"modified_time": "2026-05-20T07:38:38Z",
"versions": [
"1.0.0"
],
"sha256": "93244f4468caec1832fe03d87c7403d7ab1dac835f12605a35667acfd3b87c39",
"id": "IN-MAL-2026-003495",
"source": "amazon-inspector",
"import_time": "2026-05-26T05:50:44.033497656Z"
}
]
}
{
"evidence_files": [
{
"sha256": "a50bab4cd4aa3ca52f42b2b69c264c09ee15a465cd8b5cea38441b444fcfca1c",
"tlsh": "11119640e8b1ec34d99ae208c3131665461754172da7bf0f7a08458e4bdf9eea7360d8",
"path": "shared/keys.json"
},
{
"sha256": "df6db9d5c5fbf2c6fee358e646ca96e5be619866b67861f2b55e907481e55c4f",
"tlsh": "58a20a9d74f51a3a41f320f6a81b401771a08523360deec476acaba82fae578c5f75dc",
"path": "dist/cli/index.js"
},
{
"sha256": "fe75cf773fb0304449d32891082e71eead1b911658b87a610577d7d8db7d6793",
"tlsh": "0e4158452f56ab2134a3ad2d46cec46df20b90b213bf991879fc4330af1a09dd17a756",
"path": "desktop/resources/inject_dll.ps1"
},
{
"sha256": "09cc2095c902d6505401f3a9d1dca25946604b3ebe5bad89a54e3efe5d7af982",
"tlsh": "a871754972f60a6c12f3c1b6223ba41b17e7c619620cc995a41ee6873f9427f01e6dfd",
"path": "cli/guard.cjs"
}
],
"package_integrity": [
{
"filename": "idlidosa-1.0.0.tgz",
"hashes": {
"sha512_sri": "sha512-4hTjAeZiwBsrGBYXFr/aOWTX/BFyC7e/QJB3g7B3/ZiwPAsitVFhLUZevrdyrY/mhSapFPGq3lmJcKao2oSvwg==",
"sha1": "e332e3ad55557b5d8b7bbc4660fb7d93c8729c5f"
}
}
]
}
[
{
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code",
"cweId": "CWE-506"
}
]
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/idlidosa/MAL-2026-4581.json"