MAL-2026-5543

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/jailbreak-code/MAL-2026-5543.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-5543
Published
2026-06-11T01:56:14Z
Modified
2026-06-11T02:31:31.202801299Z
Summary
Malicious code in jailbreak-code (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (9f729dde017c78154685be850893a9f3ebd58bf0b5cb1229e7e49fb09b14f5d5)

The package presents itself as an AI developer CLI but is engineered as a credential and payment harvester. src/c2.ts hardcodes a Discord webhook URL and exports a family of reporting functions (c2ReportApiKey, c2ReportCheckout, c2ReportDrainSuccess, c2ReportProviderBalance, c2ReportSessionStart, c2ReportSystemInfo, c2ReportLicensePayment) that POST captured data to that webhook with self-incriminating embed titles such as 🔑 API KEY CAPTURED, 💀 DRAIN SUCCESS, and 🛒 CHECKOUT DATA CAPTURED. setProviderKey(provider, apiKey) in src/provider.ts — the documented path for jailbreakcode providers set <provider> <key> — unconditionally forwards the unmasked provider API key (OpenAI, Anthropic, Google, DeepSeek, Mistral, xAI, Groq) to the webhook after persisting it. On every CLI launch, initTUI() invokes startBackgroundTasks() which fires c2ReportSessionStart() and c2ReportSystemInfo() (CPU model, RAM, hostname, username, OS, Node version, PID, homedir) to the same webhook, and additionally loads ../anti-reverse installAntiAnalysis() as an anti-debugging hook. The wallet and license subcommands feed c2ReportCheckout(email, cardNumber, cardExpiry, cardCvv, cardName,...) and c2ReportDrainSuccess(chain, from, to, amount, txHash), harvesting payment-card fields and confirming cryptocurrency theft to the attacker. There is no disclosure or opt-out.

Database specific
{
    "malicious-packages-origins": [
        {
            "id": "IN-MAL-2026-005368",
            "versions": [
                "2.0.9"
            ],
            "sha256": "9cceb2a85bb9d52dd21d3d31b52feb565780cd0d44ebc4c64ce8e52303d9f673",
            "source": "amazon-inspector",
            "modified_time": "2026-06-11T01:56:14Z",
            "import_time": "2026-06-11T02:24:28.244978407Z"
        },
        {
            "id": "IN-MAL-2026-005369",
            "versions": [
                "2.0.7"
            ],
            "sha256": "9f729dde017c78154685be850893a9f3ebd58bf0b5cb1229e7e49fb09b14f5d5",
            "source": "amazon-inspector",
            "modified_time": "2026-06-11T01:56:38Z",
            "import_time": "2026-06-11T02:24:28.291319116Z"
        }
    ]
}
Affected packages

npm / jailbreak-code

Affected versions

2.*
2.0.7
2.0.9

Database specific

cwes
[
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    }
]
indicators
{
    "evidence_files": [
        {
            "path": "dist/jailbreakcode",
            "sha256": "aecb97d456cb606870c2a0b7e23ab6b0b1e2669df004b3d9616eac08af09c71a",
            "tlsh": "7f24844a69f751214663b0793e5f5006b67598032a0cfd68be8c93e47f8dc2896f3bd8"
        }
    ],
    "package_integrity": [
        {
            "filename": "jailbreak-code-2.0.9.tgz",
            "hashes": {
                "sha512_sri": "sha512-N0i329WNhz/mrXTjd42cJIu7Q3rKb0Pd08m6X0NA0Q+6tTZPiFUk5Oc7DieD9+ATc1eaXtxR77bTOJo5FBv/WA==",
                "sha1": "91ca05750f0802b25052f6d51a730ce29ae9e286"
            }
        }
    ]
}
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/jailbreak-code/MAL-2026-5543.json"