MAL-2026-5976

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/cryptodao-core/MAL-2026-5976.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-5976
Published
2026-06-17T04:04:30Z
Modified
2026-06-17T06:02:02.394670548Z
Summary
Malicious code in cryptodao-core (npm)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (44bcbcde72a12ed60b3d16200226faa40f1e7e66c6ac36776710f2a0a3fec9a7)

package.json declares a postinstall hook that runs recon.js on every npm install. recon.js harvests installer-side secrets — AWSSECRETACCESSKEY, SSHPRIVATEKEY, NPMTOKEN, GITLABACCESSTOKEN, DBPASSWORD, MNEMONIC and similar — reads .env files from multiple paths, enumerates CI runner directories (/builds/, /home/gitlab-runner/), and collects host fingerprint data (hostname, platform, user, cwd). The bundle is POSTed over HTTPS with TLS verification disabled (rejectUnauthorized:false) to two anonymous request-capture endpoints: webhook.site/d6d18927-e513-4df7-b019-58bfc64fe0dd and enqoojbegdvxj.x.pipedream.net. A copy is also dropped to /tmp/.npmrecon_<ts>.json. The package name 'cryptodao-core' combined with version 99.99.99 and the in-source comment 'CryptoDAO Dependency Confusion Reconnaissance Payload' is the canonical dependency-confusion attack shape — published at an absurd version to outrank an internal package of the same name on resolvers that mix public and private registries. Any CI runner or developer machine that installs this version will leak its environment secrets to attacker-controlled endpoints.
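The advisory above gives a defender three things to look for in an npm lockfile: the exact package/version, the tarball's SRI integrity hash, and the general dependency-confusion shape (an absurd major version, an install lifecycle script, or a package name that should resolve from a private registry but was fetched from the public one). The scanner below is an added example, not code from OSV or the ossf/malicious-packages project. It assumes a lockfileVersion 2 or 3 `packages` map as npm writes it, including the `hasInstallScript` flag npm sets for packages with preinstall/install/postinstall scripts; the `internal_packages` set and the sample lockfile are constructed for the example (only the cryptodao-core name, version and sha512 SRI string come from the advisory).

```python
"""Scan an npm package-lock.json for the indicators in MAL-2026-5976 (added example)."""
import json
import re
import sys

# Indicators copied from the advisory: package/version and the tarball SRI hash.
ADVISORY_ID = "MAL-2026-5976"
KNOWN_MALICIOUS_VERSIONS = {("cryptodao-core", "99.99.99")}
KNOWN_MALICIOUS_INTEGRITY = {
    "sha512-IRiYtBqfDj0KB5y9KdxGCjV0G2Fhg55FTYXwd51c1s0Ar+U5OhqkWELgg40OqMIRcm+JieOm+e/+RQ4S/eRw4w==",
}
# Heuristic threshold for an "absurd" major version; an assumption of this example.
ABSURD_MAJOR = 99
PUBLIC_REGISTRY = "https://registry.npmjs.org/"


def package_name_from_path(path: str) -> str:
    """'node_modules/a/node_modules/@scope/pkg' -> '@scope/pkg' (last node_modules segment)."""
    return path.rsplit("node_modules/", 1)[-1]


def major_version(version: str):
    """Return the leading integer of a semver string, or None if it does not parse."""
    m = re.match(r"(\d+)\.", version)
    return int(m.group(1)) if m else None


def scan_lockfile(lock: dict, internal_packages=frozenset()) -> list:
    """Return one finding per suspicious entry in the lockfile's 'packages' map.

    internal_packages: names that must come from a private registry; any such
    name resolved from the public registry is the dependency-confusion signal.
    """
    findings = []
    for path, entry in lock.get("packages", {}).items():
        if path == "":
            continue  # the root project itself, not a dependency
        name = entry.get("name") or package_name_from_path(path)
        version = entry.get("version", "")
        reasons = []
        if (name, version) in KNOWN_MALICIOUS_VERSIONS:
            reasons.append(f"package version listed in {ADVISORY_ID}")
        if entry.get("integrity") in KNOWN_MALICIOUS_INTEGRITY:
            reasons.append(f"tarball integrity matches {ADVISORY_ID}")
        major = major_version(version)
        if major is not None and major >= ABSURD_MAJOR:
            reasons.append("absurd major version (dependency-confusion shape)")
        if entry.get("hasInstallScript"):
            reasons.append("declares an install lifecycle script")
        if name in internal_packages and entry.get("resolved", "").startswith(PUBLIC_REGISTRY):
            reasons.append("internal package name resolved from the public registry")
        if reasons:
            findings.append({"path": path, "name": name, "version": version, "reasons": reasons})
    return findings


# Constructed sample lockfile: one malicious entry, one clean public package, and
# one internal package that was wrongly resolved from the public registry.
SAMPLE_LOCK = {
    "name": "internal-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "internal-app", "version": "1.0.0"},
        "node_modules/cryptodao-core": {
            "version": "99.99.99",
            "resolved": PUBLIC_REGISTRY + "cryptodao-core/-/cryptodao-core-99.99.99.tgz",
            "integrity": "sha512-IRiYtBqfDj0KB5y9KdxGCjV0G2Fhg55FTYXwd51c1s0Ar+U5OhqkWELgg40OqMIRcm+JieOm+e/+RQ4S/eRw4w==",
            "hasInstallScript": True,
        },
        "node_modules/left-pad": {
            "version": "1.3.0",
            "resolved": PUBLIC_REGISTRY + "left-pad/-/left-pad-1.3.0.tgz",
            "integrity": "sha512-CONSTRUCTEDPLACEHOLDER==",
        },
        "node_modules/internal-utils": {
            "version": "2.3.1",
            "resolved": PUBLIC_REGISTRY + "internal-utils/-/internal-utils-2.3.1.tgz",
            "integrity": "sha512-CONSTRUCTEDPLACEHOLDER2==",
        },
    },
}


def main(argv):
    # Usage: python scan_lock.py [package-lock.json] [internal-name ...]
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8") as fh:
            lock = json.load(fh)
        internal = frozenset(argv[2:])
    else:
        lock, internal = SAMPLE_LOCK, frozenset({"cryptodao-core", "internal-utils"})
    findings = scan_lockfile(lock, internal)
    print(json.dumps(findings, indent=2))
    return 1 if findings else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run against a real lockfile, the list of internal names is the part worth maintaining: the hash and version checks catch this one package, but the "internal name resolved from the public registry" check is what catches the next dependency-confusion package before it has an advisory. A non-zero exit makes the scan usable as a CI gate.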

Database specific
{
    "malicious-packages-origins": [
        {
            "id": "IN-MAL-2026-006864",
            "import_time": "2026-06-17T05:45:41.121927634Z",
            "source": "amazon-inspector",
            "versions": [
                "99.99.99"
            ],
            "modified_time": "2026-06-17T04:04:30Z",
            "sha256": "44bcbcde72a12ed60b3d16200226faa40f1e7e66c6ac36776710f2a0a3fec9a7"
        }
    ]
}
References
Credits

Affected packages

Package: npm / cryptodao-core
Affected ranges: 99.*
Affected versions: 99.99.99

Database specific

cwes
[
    {
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506"
    }
]
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/cryptodao-core/MAL-2026-5976.json"
indicators
{
    "package_integrity": [
        {
            "filename": "cryptodao-core-99.99.99.tgz",
            "hashes": {
                "sha1": "15b8b78a35a2a7f0523aafdcc464c91625f66b2b",
                "sha512_sri": "sha512-IRiYtBqfDj0KB5y9KdxGCjV0G2Fhg55FTYXwd51c1s0Ar+U5OhqkWELgg40OqMIRcm+JieOm+e/+RQ4S/eRw4w=="
            }
        }
    ],
    "evidence_files": [
        {
            "path": "recon.js",
            "sha256": "3dd1f7827fe311d17f442e0af0fab46f3f1a938bb3409838536795fb1aa0f740",
            "tlsh": "e481c9f046f1623815622784541f1012917bf297f2a6bbf4b6dc023a0faa96045f6fef"
        },
        {
            "path": "package.json",
            "sha256": "1a6903ac622c278e119289873be8612ede2351da429772164740192ce61767d4",
            "tlsh": "a3d0a7351d31bb2336cd1aa75c35940526b15d5e5140960407c7116846ed1b664ff359"
        }
    ]
}